LDAP (JNDI) with Windows 2003 AD authentication problem
Posted By:   Anonymous
Posted On:   Wednesday, August 1, 2007 09:04 AM


I'm using Active Directory on Windows Server 2003 to authenticate users, and I'm querying the directory over LDAP through the Java JNDI mechanism using simple binding.

The authentication module works well with Windows 2000 Server Active Directory and with IBM Tivoli Directory Server 6.0/6.1, but when I try to use Windows Server 2003 Active Directory, the authentication goes wrong in some cases:

1. Existing user with empty password - authentication succeeds (but the user has a non-empty password)

2. Non-existing user with empty password - authentication succeeds

3. Empty user with empty password - authentication succeeds

I have disabled anonymous LDAP operations by setting the dsHeuristics attribute to 0 in the CN=Directory Service,CN=Windows NT,CN=Services, object, but it didn't help.

I'll be very thankful if you can give me some ideas about how to solve it.

The code:

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.ldap.InitialLdapContext;

/**
 * Authentication method.
 *
 * @param userDN - user object distinguished name
 * @param password - user password
 * @return true if authentication succeeds, false otherwise.
 */
private boolean authenticate(String userDN, String password)
{
    String BASE_DN = "DC=server,DC=city,DC=company,DC=com";
    String HOST = " ";
    String PORT = "389";
    String URL = "ldap://" + HOST + ":" + PORT + "/" + BASE_DN;

    Hashtable<String, String> env = new Hashtable<String, String>();

    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, URL);
    // Simple bind: userDN and password are passed to the server exactly as given
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, userDN);
    env.put(Context.SECURITY_CREDENTIALS, password);

    try {
        // Creating the context performs the bind
        DirContext authContext = new InitialLdapContext(env, null);
        // Authentication succeeded
        authContext.close();
    }
    catch (NamingException e) {
        // Authentication failed
        e.printStackTrace();
        return false;
    }

    return true;
}
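
All three cases listed in the post involve an empty password, and an LDAP simple bind with an empty password is an unauthenticated or anonymous bind rather than a password check (RFC 4513, sections 5.1.1 and 5.1.2), so a successful bind proves nothing about the user. The following is an added example, not part of the original post, of a client-side guard that refuses such input before binding; the class name `SafeLdapBind`, the `ldapUrl` parameter and the `example.com` values are assumptions made for illustration.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class SafeLdapBind {

    /** True only when a simple bind with these values would carry real credentials. */
    static boolean hasCredentials(String userDN, String password) {
        return userDN != null && !userDN.trim().isEmpty()
            && password != null && !password.isEmpty();
    }

    /**
     * Binds as userDN only if both values are non-empty. Returns false for
     * rejected credentials; other NamingExceptions (host unreachable, timeout)
     * propagate so that an outage is not reported as a wrong password.
     */
    static boolean authenticate(String ldapUrl, String userDN, String password)
            throws NamingException {
        if (!hasCredentials(userDN, password)) {
            return false; // never send an empty name or password to the server
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapUrl);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDN);
        env.put(Context.SECURITY_CREDENTIALS, password);
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env); // the bind happens here
            return true;
        } catch (AuthenticationException e) {
            return false; // the server rejected the credentials
        } finally {
            if (ctx != null) ctx.close();
        }
    }

    public static void main(String[] args) throws NamingException {
        String url = "ldap://dc.example.com:389";      // constructed; never contacted below
        String dn = "CN=Some User,DC=example,DC=com";  // constructed sample DN
        System.out.println(authenticate(url, dn, "")); // existing user, empty password
        System.out.println(authenticate(url, "CN=Nobody,DC=example,DC=com", ""));
        System.out.println(authenticate(url, "", "")); // empty user, empty password
    }
}
```

The three calls in `main` mirror the three cases from the post and return without any network traffic, because the guard runs before the context is created.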
