Basic LDAP operations from Java with jldap

Contents:

    Overview
    Basic operations
        Search
        Add
        Delete
        Modify attributes
        Verify password

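[1] Overview

jldap official site: http://www.openldap.org/jldap/

You can download the source from the official site and build the jar yourself. If the project is built with Maven, adding the following to pom.xml is enough: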

```xml
<dependency>
    <groupId>com.novell.ldap</groupId>
    <artifactId>jldap</artifactId>
    <version>4.3</version>
    <type>jar</type>
    <scope>compile</scope>
</dependency>
```

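[2] Basic operations

To demonstrate the basic operations you need an LDAP server. For installing and configuring OpenLDAP on Windows, see: http://www.micmiu.com/enterprise-app/sso/openldap-windows-config/. The basic layout of the LDAP directory I configured for the demo is shown in the client screenshot:

1. Search

Java code: LDAPSearchDemo.java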

```java
package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;
import java.util.Enumeration;
import java.util.Iterator;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPAttributeSet;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPSearchResults;
import com.novell.ldap.util.Base64;

/**
 * Example: searching for entries. blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPSearchDemo {

    /**
     *
     * @param args
     */
    public static void main(String[] args) {

        String ldapHost = "localhost";
        String loginDN = "cn=Manager,dc=micmiu,dc=com";
        String password = "secret";
        String searchBase = "dc=micmiu,dc=com";
        String searchFilter = "objectClass=*";

        int ldapPort = LDAPConnection.DEFAULT_PORT;
        // Search scope:
        // SCOPE_BASE, SCOPE_ONE, SCOPE_SUB, SCOPE_SUBORDINATESUBTREE
        int searchScope = LDAPConnection.SCOPE_SUB;

        LDAPConnection lc = new LDAPConnection();
        try {
            lc.connect(ldapHost, ldapPort);
            lc.bind(LDAPConnection.LDAP_V3, loginDN, password.getBytes("UTF8"));
            // attrs == null returns every user attribute of each entry
            LDAPSearchResults searchResults = lc.search(searchBase,
                    searchScope, searchFilter, null, false);

            while (searchResults.hasMore()) {
                LDAPEntry nextEntry = null;
                try {
                    nextEntry = searchResults.next();
                } catch (LDAPException e) {
                    System.out.println("Error: " + e.toString());
                    if (e.getResultCode() == LDAPException.LDAP_TIMEOUT
                            || e.getResultCode() == LDAPException.CONNECT_ERROR) {
                        break;
                    } else {
                        continue;
                    }
                }
                System.out.println("DN =: " + nextEntry.getDN());
                System.out.println("|---- Attributes list: ");
                LDAPAttributeSet attributeSet = nextEntry.getAttributeSet();
                Iterator<LDAPAttribute> allAttributes = attributeSet.iterator();
                while (allAttributes.hasNext()) {
                    LDAPAttribute attribute = allAttributes.next();
                    String attributeName = attribute.getName();

                    Enumeration<String> allValues = attribute.getStringValues();
                    if (null == allValues) {
                        continue;
                    }
                    while (allValues.hasMoreElements()) {
                        String value = allValues.nextElement();
                        if (!Base64.isLDIFSafe(value)) {
                            // base64 encode and then print out
                            value = Base64.encode(value.getBytes());
                        }
                        System.out.println("|---- ---- " + attributeName
                                + " = " + value);
                    }
                }
            }

        } catch (LDAPException e) {
            System.out.println("Error: " + e.toString());
        } catch (UnsupportedEncodingException e) {
            System.out.println("Error: " + e.toString());
        } finally {
            try {
                if (lc.isConnected()) {
                    lc.disconnect();
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }
}
```

Output:

```
DN =: dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = micmiu
|---- ---- o = Michael Blog
|---- ---- objectClass = domain
|---- ---- objectClass = top
DN =: ou=Developer,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for developer entries
|---- ---- ou = Developer
|---- ---- objectClass = organizationalUnit
DN =: ou=Tester,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for test entries
|---- ---- ou = Tester
|---- ---- objectClass = organizationalUnit
DN =: uid=Michael,ou=Developer,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = Michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = sjsky007@gmail.com
|---- ---- objectClass = inetOrgPerson
DN =: uid=Miumiu,ou=Tester,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = Miumiu
|---- ---- sn = Wu
|---- ---- cn = Miumiu Wu
|---- ---- objectClass = inetOrgPerson
DN =: dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = app1
|---- ---- o = Michael Demo
|---- ---- objectClass = domain
DN =: dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = app2
|---- ---- o = Michael Demo
|---- ---- objectClass = domain
DN =: ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for Demo entries
|---- ---- ou = Developer
|---- ---- ou = Demo
|---- ---- objectClass = organizationalUnit
DN =: ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for Demo entries
|---- ---- ou = Developer
|---- ---- ou = Demo
|---- ---- objectClass = organizationalUnit
DN =: uid=michael,ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = sjsky007@gmail.com
|---- ---- objectClass = inetOrgPerson
DN =: uid=hazel,ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = hazel
|---- ---- sn = Wu
|---- ---- cn = Hazel Wu
|---- ---- objectClass = inetOrgPerson
DN =: uid=michael,ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = sjsky007@gmail.com
|---- ---- objectClass = inetOrgPerson
DN =: uid=hazel,ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = hazel
|---- ---- sn = Wu
|---- ---- cn = Hazel Wu
|---- ---- objectClass = inetOrgPerson
```

The search results match what the client shows.
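The search above uses a fixed filter and a null attribute list, which is why every entry's userPassword appears in the output. The following added example (not part of the original post; the class name LDAPSafeSearchDemo and the escapeFilterValue helper are hypothetical) shows the same search driven by an untrusted uid value: the value is escaped per RFC 4515 before it goes into the filter, and only the needed attributes are requested. It assumes the demo directory and Manager credentials used on this page.

```java
import java.nio.charset.StandardCharsets;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPSearchResults;

/** Added example (hypothetical class): escaped filter value, explicit attribute list. */
public class LDAPSafeSearchDemo {
    /** Escape the characters RFC 4515 reserves inside a filter value. */
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Untrusted input, e.g. a user name typed into a form
        String uid = args.length > 0 ? args[0] : "Michael";
        String filter = "(&(objectClass=inetOrgPerson)(uid=" + escapeFilterValue(uid) + "))";
        // Request only what is needed, so userPassword is not returned
        String[] attrs = { "cn", "mail" };
        LDAPConnection lc = new LDAPConnection();
        try {
            lc.connect("localhost", LDAPConnection.DEFAULT_PORT);
            lc.bind(LDAPConnection.LDAP_V3, "cn=Manager,dc=micmiu,dc=com",
                    "secret".getBytes(StandardCharsets.UTF_8));
            LDAPSearchResults results = lc.search("dc=micmiu,dc=com",
                    LDAPConnection.SCOPE_SUB, filter, attrs, false);
            while (results.hasMore()) {
                LDAPEntry entry = results.next();
                System.out.println(entry.getDN() + " " + entry.getAttributeSet());
            }
        } catch (LDAPException e) {
            System.err.println("Error: " + e);
        } finally {
            try { if (lc.isConnected()) lc.disconnect(); } catch (LDAPException ignored) { }
        }
    }
}
```

With the escaping in place, an input such as `*` is matched as a literal asterisk instead of acting as a wildcard over every uid.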

2. Add

Java code: LDAPAddEntry.java

```java
package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPAttributeSet;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;

/**
 * Example: adding a new entry
 * blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPAddEntry {

    /**
     *
     * @param args
     */
    public static void main(String[] args) {

        String ldapHost = "localhost";
        String loginDN = "cn=Manager,dc=micmiu,dc=com";
        String password = "secret";
        String containerName = "dc=micmiu,dc=com";

        int ldapPort = LDAPConnection.DEFAULT_PORT;
        int ldapVersion = LDAPConnection.LDAP_V3;
        LDAPConnection lc = new LDAPConnection();
        LDAPAttributeSet attributeSet = new LDAPAttributeSet();

        // Attributes of the new inetOrgPerson entry
        attributeSet.add(new LDAPAttribute("objectclass", new String(
                "inetOrgPerson")));
        attributeSet.add(new LDAPAttribute("cn", "Wukong Sun"));
        attributeSet.add(new LDAPAttribute("sn", "Sun"));
        attributeSet.add(new LDAPAttribute("mail", "sjsky007@gmail.com"));
        attributeSet.add(new LDAPAttribute("labeledURI",
                "http://www.micmiu.com"));
        attributeSet.add(new LDAPAttribute("userPassword", "111111"));
        attributeSet.add(new LDAPAttribute("uid", "addnew"));
        String dn = "uid=addnew,ou=Developer," + containerName;
        LDAPEntry newEntry = new LDAPEntry(dn, attributeSet);
        try {
            lc.connect(ldapHost, ldapPort);
            lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));
            System.out.println("login ldap server successfully.");
            lc.add(newEntry);
            System.out.println("Added object: " + dn + " successfully.");
        } catch (LDAPException e) {
            e.printStackTrace();
        } catch (UnsupportedEncodingException e) {
            System.out.println("Error: " + e.toString());
        } finally {
            try {
                if (lc.isConnected()) {
                    lc.disconnect();
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }
}
```

Output:

```
login ldap server successfully.
Added object: uid=addnew,ou=Developer,dc=micmiu,dc=com successfully.
```

Screenshot of the client after refreshing:

3. Delete

Java code: LDAPDeleteEntry.java

```java
package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException;

/**
 * Example: deleting an entry
 * blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPDeleteEntry {

    /**
     * @param args
     */
    public static void main(String[] args) {

        String ldapHost = "localhost";
        String loginDN = "cn=Manager,dc=micmiu,dc=com";
        String password = "secret";
        String deleteDN = "uid=addnew,ou=Developer,dc=micmiu,dc=com";

        int ldapPort = LDAPConnection.DEFAULT_PORT;
        int ldapVersion = LDAPConnection.LDAP_V3;
        LDAPConnection lc = new LDAPConnection();
        try {
            lc.connect(ldapHost, ldapPort);
            lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));

            lc.delete(deleteDN);
            System.out.println(" delete Entry: " + deleteDN + " success.");
            lc.disconnect();
        } catch (LDAPException e) {
            // Distinguish the common failure causes by result code
            if (e.getResultCode() == LDAPException.NO_SUCH_OBJECT) {
                System.err.println("Error: No such object");
            } else if (e.getResultCode() == LDAPException.INSUFFICIENT_ACCESS_RIGHTS) {
                System.err.println("Error: Insufficient rights");
            } else {
                System.err.println("Error: " + e.toString());
            }
        } catch (UnsupportedEncodingException e) {
            System.out.println("Error: " + e.toString());
        } finally {
            try {
                if (lc.isConnected()) {
                    lc.disconnect();
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }

    }

}
```

Output:

```
delete Entry: uid=addnew,ou=Developer,dc=micmiu,dc=com success.
```

After refreshing the client, the newly added entry addnew is gone.

4. Modify attributes

Java code: LDAPModifyAttrs.java

```java
package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPModification;

/**
 * Example: modify operations
 * blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPModifyAttrs {

    /**
     * @param args
     */
    public static void main(String[] args) {

        String ldapHost = "localhost";
        String loginDN = "cn=Manager,dc=micmiu,dc=com";
        String password = "secret";
        String modifyDN = "uid=Michael,ou=Developer,dc=micmiu,dc=com";

        int ldapPort = LDAPConnection.DEFAULT_PORT;
        int ldapVersion = LDAPConnection.LDAP_V3;
        LDAPConnection lc = new LDAPConnection();

        List<LDAPModification> modList = new ArrayList<LDAPModification>();

        // Add a new value to the description attribute
        String desc = "This object was modified at " + new Date();
        LDAPAttribute attribute = new LDAPAttribute("description", desc);
        modList.add(new LDAPModification(LDAPModification.ADD, attribute));

        attribute = new LDAPAttribute("telephoneNumber", "180-8888-xxxx");
        modList.add(new LDAPModification(LDAPModification.ADD, attribute));

        // Replace the labeledURI address with a new value
        attribute = new LDAPAttribute("labeledURI", "www.micmiu.com");
        modList.add(new LDAPModification(LDAPModification.REPLACE, attribute));

        // delete the email attribute
        attribute = new LDAPAttribute("mail");
        modList.add(new LDAPModification(LDAPModification.DELETE, attribute));

        LDAPModification[] mods = new LDAPModification[modList.size()];
        mods = (LDAPModification[]) modList.toArray(mods);

        try {
            lc.connect(ldapHost, ldapPort);
            lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));
            // All modifications are sent in a single modify request
            lc.modify(modifyDN, mods);
            System.out
                    .println("LDAPAttribute add、replace、delete all successful.");
        } catch (LDAPException e) {
            e.printStackTrace();
        } catch (UnsupportedEncodingException e) {
            System.out.println("Error: " + e.toString());
        } finally {
            try {
                if (lc.isConnected()) {
                    lc.disconnect();
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }

    }

}
```

Screenshot of the entry as shown by the client after the modification:

5. Verify password

Java code: LDAPVerifyPassword.java

```java
package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException;

/**
 * Example: verifying a password
 * blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPVerifyPassword {

    /**
     * @param args
     */
    public static void main(String[] args) {

        String ldapHost = "localhost";
        String loginDN = "cn=Manager,dc=micmiu,dc=com";
        String password = "secret";
        String verifyDN = "uid=Michael,ou=Developer,dc=micmiu,dc=com";
        String verifyPassword = "111111";

        int ldapPort = LDAPConnection.DEFAULT_PORT;

        int ldapVersion = LDAPConnection.LDAP_V3;
        LDAPConnection lc = new LDAPConnection();

        try {
            lc.connect(ldapHost, ldapPort);
            lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));
            // Ask the server to compare the stored userPassword with the given value
            LDAPAttribute attr = new LDAPAttribute("userPassword",
                    verifyPassword);
            boolean correct = lc.compare(verifyDN, attr);
            System.out.println(correct ? "The password is correct.^_^"
                    : "The password is incorrect.!!!");
        } catch (LDAPException e) {
            e.printStackTrace();
            if (e.getResultCode() == LDAPException.NO_SUCH_OBJECT) {
                System.err.println("Error: No such entry");
            } else if (e.getResultCode() == LDAPException.NO_SUCH_ATTRIBUTE) {
                System.err.println("Error: No such attribute");
            } else {
                System.err.println("Error: " + e.toString());
            }
        } catch (UnsupportedEncodingException e) {
            System.err.println("Error: " + e.toString());
        } finally {
            try {
                if (lc.isConnected()) {
                    lc.disconnect();
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }
}
```

Output:

```
The password is correct.^_^
```

The password was verified successfully.
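The compare call above matches because the demo directory stores userPassword as the literal value 111111, and it needs the Manager credentials in the application. The following added example (not part of the original post; the class name LDAPVerifyByBind and its verify method are hypothetical) checks the same password by binding as the user instead, so the server does the verification whatever the storage format, and it rejects empty passwords before contacting the server. It assumes the demo entry and port used on this page.

```java
import java.nio.charset.StandardCharsets;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException;

/** Added example (hypothetical class): verify a password by binding as the user. */
public class LDAPVerifyByBind {

    static boolean verify(String host, int port, String userDN, String password)
            throws LDAPException {
        // A DN with an empty password is an "unauthenticated bind" (RFC 4513),
        // which a server may accept; never treat that as a successful login.
        if (userDN == null || userDN.isEmpty()
                || password == null || password.isEmpty()) {
            return false;
        }
        LDAPConnection lc = new LDAPConnection();
        try {
            // A simple bind sends the password unencrypted on a plain connection;
            // outside a local demo, use a TLS-protected connection.
            lc.connect(host, port);
            lc.bind(LDAPConnection.LDAP_V3, userDN,
                    password.getBytes(StandardCharsets.UTF_8));
            return true;
        } catch (LDAPException e) {
            if (e.getResultCode() == LDAPException.INVALID_CREDENTIALS) {
                return false; // wrong password (or unknown DN)
            }
            throw e; // connection or server problem, not an authentication verdict
        } finally {
            try { if (lc.isConnected()) lc.disconnect(); } catch (LDAPException ignored) { }
        }
    }

    public static void main(String[] args) throws LDAPException {
        String verifyDN = "uid=Michael,ou=Developer,dc=micmiu,dc=com";
        int port = LDAPConnection.DEFAULT_PORT;
        System.out.println("correct password: " + verify("localhost", port, verifyDN, "111111"));
        System.out.println("wrong password:   " + verify("localhost", port, verifyDN, "000000"));
        System.out.println("empty password:   " + verify("localhost", port, verifyDN, ""));
    }
}
```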
