LDAP的英文全稱是Lightweight Directory Access Protocol,一般都簡稱為LDAP。它是基于X.500標準的,但是簡單多了并且可以根據(jù)需要定制。與X.500不同,LDAP支持TCP/IP,這對訪問Internet是必須的。LDAP的核心規(guī)范在RFC中都有定義,所有與LDAP相關(guān)的RFC都可以在LDAPman RFC網(wǎng)頁中找到。現(xiàn)在LDAP技術(shù)不僅發(fā)展得很快而且也是激動人心的。在企業(yè)范圍內(nèi)實現(xiàn)LDAP可以讓運行在幾乎所有計算機平臺上的所有的應(yīng)用程序從 LDAP目錄中獲取信息。LDAP目錄中可以存儲各種類型的數(shù)據(jù):電子郵件地址、郵件路由信息、人力資源數(shù)據(jù)、公用密匙、聯(lián)系人列表,等等。通過把 LDAP目錄作為系統(tǒng)集成中的一個重要環(huán)節(jié),可以簡化員工在企業(yè)內(nèi)部查詢信息的步驟,甚至連主要的數(shù)據(jù)源都可以放在任何地方。
以下是對ldap中進行連接,人員的增刪改查的過程。希望對初學(xué)者有一定的幫助。
package net.risesoft.ldap;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
public class LdapTest {
public static void main(String[] args) {
String account = "admin";
String password = "1";
String root = "o=com"; // root
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:389/" + root);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
env.put(Context.SECURITY_CREDENTIALS, password);
DirContext ctx = null;
try {
// 鏈接ldap
ctx = new InitialDirContext(env);
System.out.println("ldap認證成功");
// 3.添加節(jié)點
String newUserName = "user2";
BasicAttributes attrsbu = new BasicAttributes();
BasicAttribute objclassSet = new BasicAttribute("objectclass");
objclassSet.add("person");
objclassSet.add("top");
objclassSet.add("organizationalPerson");
objclassSet.add("inetOrgPerson");
attrsbu.put(objclassSet);
attrsbu.put("sn", newUserName);
attrsbu.put("uid", newUserName);
ctx.createSubcontext("cn=" + newUserName, attrsbu);
// 5.修改節(jié)點
account = "user2";
String newDisplayName = "newDisplayName";
ModificationItem modificationItem[] = new ModificationItem[1];
modificationItem[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("displayName", newDisplayName));
ctx.modifyAttributes("cn=" + account, modificationItem);
// 查詢節(jié)點
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
// constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
NamingEnumeration en = ctx.search("", "cn=user2", constraints); // 查詢所有用戶
while (en != null && en.hasMoreElements()) {
Object obj = en.nextElement();
if (obj instanceof SearchResult) {
SearchResult si = (SearchResult) obj;
System.out.println("name: " + si.getName());
Attributes attrs = si.getAttributes();
if (attrs == null) {
System.out.println("No attributes");
} else {
for (NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) {
Attribute attr = (Attribute) ae.next();
String attrId = attr.getID();
for (Enumeration vals = attr.getAll(); vals.hasMoreElements();) {
System.out.print(attrId + ": ");
Object o = vals.nextElement();
if (o instanceof byte[])
System.out.println();// new
// String((byte[])o)
else
System.out.println(o);
}
}
}
} else {
System.out.println(obj);
}
System.out.println();
}
// 4.刪除節(jié)點
account = "user2";
ctx.destroySubcontext("cn=" + account);
} catch (javax.naming.AuthenticationException e) {
System.out.println("認證失敗");
} catch (Exception e) {
System.out.println("認證出錯:");
e.printStackTrace();
}
if (ctx != null) {
try {
ctx.close();
} catch (NamingException e) {
// ignore
}
}
System.exit(0);
}
}
posted on 2007-05-31 14:25
安文豪 閱讀(6972)
評論(4) 編輯 收藏