LDAP的英文全稱(chēng)是Lightweight Directory Access Protocol,一般都簡(jiǎn)稱(chēng)為L(zhǎng)DAP。它是基于X.500標(biāo)準(zhǔn)的,但是簡(jiǎn)單多了并且可以根據(jù)需要定制。與X.500不同,LDAP支持TCP/IP,這對(duì)訪(fǎng)問(wèn)Internet是必須的。LDAP的核心規(guī)范在RFC中都有定義,所有與LDAP相關(guān)的RFC都可以在LDAPman RFC網(wǎng)頁(yè)中找到。現(xiàn)在LDAP技術(shù)不僅發(fā)展得很快而且也是激動(dòng)人心的。在企業(yè)范圍內(nèi)實(shí)現(xiàn)LDAP可以讓運(yùn)行在幾乎所有計(jì)算機(jī)平臺(tái)上的所有的應(yīng)用程序從 LDAP目錄中獲取信息。LDAP目錄中可以存儲(chǔ)各種類(lèi)型的數(shù)據(jù):電子郵件地址、郵件路由信息、人力資源數(shù)據(jù)、公用密匙、聯(lián)系人列表,等等。通過(guò)把 LDAP目錄作為系統(tǒng)集成中的一個(gè)重要環(huán)節(jié),可以簡(jiǎn)化員工在企業(yè)內(nèi)部查詢(xún)信息的步驟,甚至連主要的數(shù)據(jù)源都可以放在任何地方。
以下是對(duì)ldap中進(jìn)行連接,人員的增刪改查的過(guò)程。希望對(duì)初學(xué)者有一定的幫助。
package net.risesoft.ldap;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
public class LdapTest {
public static void main(String[] args) {
String account = "admin";
String password = "1";
String root = "o=com"; // root
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:389/" + root);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
env.put(Context.SECURITY_CREDENTIALS, password);
DirContext ctx = null;
try {
// 鏈接ldap
ctx = new InitialDirContext(env);
System.out.println("ldap認(rèn)證成功");
// 3.添加節(jié)點(diǎn)
String newUserName = "user2";
BasicAttributes attrsbu = new BasicAttributes();
BasicAttribute objclassSet = new BasicAttribute("objectclass");
objclassSet.add("person");
objclassSet.add("top");
objclassSet.add("organizationalPerson");
objclassSet.add("inetOrgPerson");
attrsbu.put(objclassSet);
attrsbu.put("sn", newUserName);
attrsbu.put("uid", newUserName);
ctx.createSubcontext("cn=" + newUserName, attrsbu);
// 5.修改節(jié)點(diǎn)
account = "user2";
String newDisplayName = "newDisplayName";
ModificationItem modificationItem[] = new ModificationItem[1];
modificationItem[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("displayName", newDisplayName));
ctx.modifyAttributes("cn=" + account, modificationItem);
// 查詢(xún)節(jié)點(diǎn)
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
// constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
NamingEnumeration en = ctx.search("", "cn=user2", constraints); // 查詢(xún)所有用戶(hù)
while (en != null && en.hasMoreElements()) {
Object obj = en.nextElement();
if (obj instanceof SearchResult) {
SearchResult si = (SearchResult) obj;
System.out.println("name: " + si.getName());
Attributes attrs = si.getAttributes();
if (attrs == null) {
System.out.println("No attributes");
} else {
for (NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) {
Attribute attr = (Attribute) ae.next();
String attrId = attr.getID();
for (Enumeration vals = attr.getAll(); vals.hasMoreElements();) {
System.out.print(attrId + ": ");
Object o = vals.nextElement();
if (o instanceof byte[])
System.out.println();// new
// String((byte[])o)
else
System.out.println(o);
}
}
}
} else {
System.out.println(obj);
}
System.out.println();
}
// 4.刪除節(jié)點(diǎn)
account = "user2";
ctx.destroySubcontext("cn=" + account);
} catch (javax.naming.AuthenticationException e) {
System.out.println("認(rèn)證失敗");
} catch (Exception e) {
System.out.println("認(rèn)證出錯(cuò):");
e.printStackTrace();
}
if (ctx != null) {
try {
ctx.close();
} catch (NamingException e) {
// ignore
}
}
System.exit(0);
}
}
posted on 2007-05-31 14:25
安文豪 閱讀(6975)
評(píng)論(4) 編輯 收藏