my dog learned polymorphism
The moose likes EJB and other Java EE Technologies and the fly likes Webapp and LDAP authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "Webapp and LDAP authentication" Watch "Webapp and LDAP authentication" New topic

Webapp and LDAP authentication

Roby Kappa

Joined: Oct 28, 2007
Posts: 19

I'm trying to authenticate user and password in a form of my web application on LDAP server.

For do this, I wrote:

Hashtable<String,String> env = new Hashtable<String,String>(4);
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://......:389/DC=.....,DC=....");
env.put(Context.SECURITY_PRINCIPAL, userid);// User
env.put(Context.SECURITY_CREDENTIALS, password);// Password

try {
new InitialDirContext(env);"User " + userid + " authenticated in LDAP mode");
} catch (AuthenticationException e) {
log.error("User " + userid + " authentication failed");

It works... BUT only for a few users! For others, existent and with valid password, the code throws an exception!

Access to Context is the same thing to verify password correctness? If they are different, I need another piece of code for the second thing?

I agree. Here's the link:
subject: Webapp and LDAP authentication
It's not a secret anymore!