Query LDAP for variable values relating to the authenticated user.

Posted By:   Kevin_Thorpe
Posted On:   Sunday, March 24, 2002 05:28 PM

I have WebSphere Application Server AE. For development I am using WebSphere Application Developer.

I would like to:

  1. Authenticate against an LDAP server

  2. Query the same LDAP server for pre-defined attributes for the authenticated user (using JNDI).

  3. Be able to test the JNDI/LDAP lookups in WebSphere Application Developer, if possible with no or minimal code changes.

How can I do this?

Is it possible to do a JNDI lookup in the same or a similar way as, say, for a J2EE environment reference?

Do I have my terminology correct?

Re: Query LDAP for variable values relating to the authenticated user.

Posted By:   Aisling_Vasey  
Posted On:   Tuesday, April 30, 2002 05:44 AM

Hi Kevin

I am also using WSAD, but not really using any WebSphere-specific code, because I can run this example outside of WebSphere.

Here is my code for authenticating the UserName and password using an LDAP lookup:

import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

//Inside the servlet's request-handling method:
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://yourServerName:389");
env.put(Context.SECURITY_AUTHENTICATION, "simple"); //try and authenticate details
env.put(Context.SECURITY_PRINCIPAL, request.getParameter("username")); //non-blank UserName from login form
env.put(Context.SECURITY_CREDENTIALS, request.getParameter("password")); //non-blank Password from login form
//Attempt to connect to Server using the entered User details
try {
    DirContext ctx = new InitialDirContext(env);

    //Look up all the available attributes
    Attributes attr = ctx.getAttributes("uid=" + request.getParameter("username") + ",ou=mySubOrg,o=myOrg");
    NamingEnumeration attrs = attr.getAll(); //"enum" is a reserved word from Java 5 on
    //Print every attribute ID with its first value
    while (attrs.hasMore()) {
        Attribute at = (Attribute) attrs.next();
        System.out.println("Attribute:" + at.getID() + " " + at.get());
    }
    ctx.close(); //release the LDAP connection
} catch (AuthenticationException ae) {
    //Incorrect UserName and Password
    request.setAttribute("loginMessage", "The UserName and Password are invalid. Enter your correct login details.");
    getServletContext().getRequestDispatcher(loginPage).forward(request, response);
} catch (NamingException ne) {
    //General LDAP error
    request.setAttribute("exception", ne);
    getServletContext().getRequestDispatcher(errorPage).forward(request, response);
}

I just loop through their attributes, but I will try and do something useful with them, like security access restrictions, when I get some time to figure it out.
Hope this helps.
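
A hardened variant of the lookup in the reply above, as an added example that is not part of the original posts: it escapes the user name before building the DN, refuses blank passwords (which many directory servers accept as an anonymous bind), connects over ldaps://, and fetches only named attributes. The class and method names, port 636, and the attribute names cn and mail are assumptions; the host and base DN placeholders are the ones used in the reply.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.Rdn;

public class LdapUserLookup {
    // Assumed values for illustration: LDAPS port, base DN and attribute names.
    private static final String URL = "ldaps://yourServerName:636"; // TLS, so the bind password is not sent in cleartext
    private static final String BASE = "ou=mySubOrg,o=myOrg";
    private static final String[] WANTED = { "cn", "mail" };

    // Escape DN metacharacters (, + = " < > # ; \) so the uid stays a single RDN value.
    static String userDn(String username) {
        return "uid=" + Rdn.escapeValue(username) + "," + BASE;
    }

    // Returns the requested attributes, or null when the credentials are rejected.
    static Attributes authenticateAndFetch(String username, String password)
            throws NamingException {
        // A simple bind with an empty password is an unauthenticated bind on many
        // servers and would "succeed", so reject blanks before contacting the server.
        if (username == null || username.trim().isEmpty()
                || password == null || password.isEmpty()) {
            return null;
        }
        String dn = userDn(username);
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);          // bind as the user's own entry
        env.put(Context.SECURITY_CREDENTIALS, password);
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env);             // throws if the bind fails
            return ctx.getAttributes(dn, WANTED);         // only the pre-defined attributes
        } catch (AuthenticationException ae) {
            return null;                                  // wrong user name or password
        } finally {
            if (ctx != null) ctx.close();
        }
    }

    public static void main(String[] args) {
        // Constructed input: the comma, plus and equals signs must not add RDNs.
        System.out.println(userDn("kevin,ou=admins+cn=x"));
    }
}
```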
