Ldap bind mechanism in java

Hello all,
I'm trying to find a solution for an LDAP bind similar to the [ldap_bind|http://php.net/manual/en/function.ldap-bind.php] function in PHP.
It seems easy and nice.
I had a look around the web and some forums and got directed to use this
But this is not a similar solution to the one in PHP.
ldap_bind uses only the connection, user name and password; it doesn't know anything about the password hash method and will verify the credentials as valid or invalid.
Does anyone have information or ideas on how to do it in Java?
Petr, cz
Edited by: PetrCZ on May 19, 2010 11:22 PM
Edited by: PetrCZ on May 19, 2010 11:23 PM

You don't need to know the LDAP hash at all to do a bind and user password check. That's against security - why would an administrator let anyone know what hashing he uses - that's letting an important piece of your security out (even though these modern hashes are pretty much irreversible).
All you need is to use the Sun JNDI code to do a bind, use authentication method Simple and then give the user's id and password in clear text. The directory server will itself take care of converting the clear-text password passed by you and comparing it with the hashed user password in LDAP.
From your code's perspective, if you get a DirContext back, your bind was successful; otherwise you will get a NamingEnumeration exception.
Try reading through DirContext InitialDirContext ... just do a random search and you should get numerous helper code over the internet.

Similar Messages

  • OVD Custom LDAP Bind Plugin

    I need to build a java plug-in for ovd in order to implement a custom ldap bind operation. In my case I am using ovd database adapter to expose a legacy hr application as a ldap directory but the legacy hr application uses the php crypto() function to store a DES hash based version of the end user password into a database table. Any help is more than appreciated.

    I was able to implement the custom bind plug-in using the following documentation
    http://www.oracle.com/technetwork/middleware/id-mgmt/virtual-directory-custom-plugins-wp-188785.pdf
    http://docs.oracle.com/cd/E21764_01/oid.1111/e10046/adv_cust.htm#CEGJCFGE
    Custom Plug-in Code
    package br.gov.funasa.siarh.vde;
    import com.asn1c.core.Bool;
    import com.octetstring.vde.Credentials;
    import com.octetstring.vde.chain.Chain;
    import com.octetstring.vde.chain.ChainException;
    import com.octetstring.vde.syntax.BinarySyntax;
    import com.octetstring.vde.syntax.DirectoryString;
    import com.octetstring.vde.util.DirectoryException;
    public class CustomBindPlugin extends com.octetstring.vde.chain.BasePlugin {
        public CustomBindPlugin() {
            super();
        }
        public void bind(Chain chain, Credentials creds, DirectoryString dn,
                BinarySyntax password, Bool result) throws DirectoryException,
                ChainException {
            // TODO: Add equivalent code to check the password using the legacy hr application custom hash algorithm
            // Placeholder: as written, every bind is reported as successful.
            result.setValue(true);
        }
    }
    vde-properties.txt file that must be appended in MANIFEST.MF Jar file
    vde-package-classname: br.gov.funasa.siarh.vde.CustomBindPlugin
    vde-package-type: 0
    vde-package-version: 1
    vde-package-description: Custom bind for Siarh tha uses DES to check the user password
    vde-package-name: SiarhCustomBindPlugin
    vde-package-ops-add: false
    vde-package-ops-delete: false
    vde-package-ops-bind: true
    vde-package-ops-modify: false
    vde-package-ops-rename: false
    vde-package-ops-get: false

  • NullPointerException at com.sun.jndi.ldap.Connection.run(Connection.java:52

    We are using the Sun jndi 1.2.1 files from a Java client to
    access the IBM SecureWay Directory 3.2 server. Our test case is
    retrieving entries using the ctx.getAttributes (String, String[])
    method. Occasionally we are receiving the following error.
    java.lang.NullPointerException
    at com.sun.jndi.ldap.Connection.run(Connection.java:525)
    at java.lang.Thread.run(Thread.java:481)
    The java.lang.NullPointerException is coming from the Sun JNDI file.
    Our program is not catching this exception.
    Has anyone seen this problem before and have any ideas on how this can be resolved?

    Download and use LDAP 1.2.3 or JDK 1.3.1.
    The problem should go away.

  • LDAP Bind Failure: Can't contact LDAP server in Presentation Server

    I have configured LDAP configuration in the RPD and am able to connect to the LDAP from the BI server. It's returning the information I need when I test through the admin tool. But when I try to log in from the PS using the same network id and password, it gives me the below error:
    State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused. [53003] LDAP bind failure: Can't contact LDAP server. (08004).
    I know for sure the network connectivity is working, as I get my results back from the BI Server. Please advise if I need to change other configurations on the Presentation end, as my network folks have run out of ideas. Thx!

    user9125812 wrote:
    Yes, I am pinging from OBIEE Server through the RPD and I am successful.

    Pinging the OBIEE Server through the RPD? Ping is a DOS command, how can you "ping through the RPD"?
    Can you go to the server, open a CMD window and do "ping nsldap.companyname.com" and see if it works. If it works it could be that the LDAP port is blocked by a firewall or OBIEE is not able to make a connection. Make sure you are using the correct port as well. Install an LDAP client in your OBIEE Server and test that you can connect to your LDAP server from your OBIEE Server, not from the RPD. You can use this:
    http://jxplorer.org/

  • Problem removing LDAP binding

    Hello,
    When we set up our 10.6 server we did not know about the message it broadcasts offering to give "services" to clients, ie bind them to LDAP. Last fall several of our boarding students chose this option on their personal macs and they got our school login window and got restricted access to their computer. I showed them how to option-login and deselect management and remember the choice. I then went to the login options and unjoined them from the server.
    On at least one machine, this has not reverted the machine to the usual, unmanaged login box. I have trashed all mcx preferences to no avail. How can I remove all traces of the LDAP binding from this machine?
    Thank you,
    Kevin Kopchynski

    OK, I think I have gotten this done.
    The student actually used their full name on their computer account, which of course we also have on our Open Directory setup. I changed this on his computer so that there will be no conflict.
    I have also determined that the network information such as the green light will show up on a computer that has never been bound to LDAP.
    But it will NOT, as this student's had been, offer the local admin to bypass management or even respond to the option key at login.
    After changing the account I ran through all of the deletions mentioned by Antonio, still got the option to bypass management, but I hit "remember" and refresh preferences. That seemed to be the finishing touch. The machine no longer responds to the option key at login.
    By the time I did this mcxquery showed "no information available"
    Thanks again for the help.
    Kevin Kopchynski

  • Accessing the Binding Layer from Java

    Dear All
    How can I access the Binding Layer from Java code? I need a detailed document for it because I have a complex binding object (object inside object).
    Regards
    Mohd.Weshah

    i know but my case is complicated :
    Dear All
    I have generated a human-task-based task flow and I created a page with a payload object. I have an empiterator which includes the following attributes:
    - id
    - name
    - telephone
    - department (complex object); it includes other attributes - dept and dept Name
    My question: I want to fill the empiterator from Java code and fill all attributes, including the complex object (department), from Java code (my backing bean).
    You can download a document that describes my problems with images and details:
    [http://www.4shared.com/account/document/fTREP1mv/ADF_Question__2_.html]
    Regards
    Wish79

  • LDAP Bind Failure

    Hi All,
    We are facing the issue "LDAP bind failure: Can't contact LDAP server".
    We are facing it now and then... Can you guys tell me the corrective action to fix this?
    Our LDAP server is Novell e-directory.
    RMD

    Try referring http://rnm1978.wordpress.com/2010/12/02/troubleshooting-obiee-ldap-adsi-authentication/
    Hope it helps

  • How to catch the return value of ldap- bind?

    For net::ldap,
    my $ldap = Net::LDAP->new( .. );
    $ldap->bind($DN,$password);
    if the bind failed, what's the returned value for this?
    Many examples I read suggested "undef" is returned, but looks like it's not the case on Sun Solaris.
    Marg8

    somehow "undef" is not returned.
    for ldap->bind($DN,$password) or die "can't bind";
    it always continues no matter what DN or password you put in.
    So looks to me it returned something else.
    Marg8

  • Binding XML to java types generated using Oracle Class Gen

    Hi,
    How can you bind an XML to the Java types generated using the class gen provided by Oracle?
    I am using Oracle 9i production. As part of my design, I have to read an XML input in my Java class and use the contents to create some records and send a response XML back.
    The latter part I can do, as the Java types provide setter methods to set the data and conversion to XML.
    JAXB can be used to bind XML to Java datatypes but it's not supported in Oracle9i.
    What are the alternatives for achieving the same?
    Thanks
    Ashwin

    Hi Ashwin,
    This is a bit outside my area of expertise, but I did run an older version of TopLink in the Oracle database java VM a few years back so I'll base my advice on that. Hopefully other forum members can correct me if I steer you wrong.
    First you will need to set up your XML environment:
    I believe the Oracle 9i database includes a JDK 1.3 VM. You will first need to determine if the VM includes any JAXP APIs. I believe there is an SQL query that allows you to query the classes available in the VM. First check if javax.xml.parsers.DocumentBuilderFactory is present.
    If the JAXP APIs are already present in the database you will need to do the following. First load the class javax.xml.namespace.QName into the database. You can extract this from xmlparserv2.jar or from Sun's Java Web Service Developer Pack jax-qname.jar. Then you will need to load the JAXB APIs. You can load xml.jar or jaxb-api.jar from Sun's JWSDP.
    If the JAXP APIs are not present you will need to load the 10.1.3 version of the XDK jars (these are shipped with the 10.1.3 TopLink install). Load xmlparserv2.jar and xml.jar into the database.
    Second you will need to setup your TopLink environment:
    Load toplink.jar into the database. If the JAXP APIs were already present and you didn't load the 10.1.3 XDK jars into the database you will need to set the following System property.
    toplink.xml.platform=oracle.toplink.platform.xml.jaxp.JAXPPlatform
    -Blaise

  • Bind variables in java

    Hi, does anyone know how to do bind variables in Java using a CONTAINS SQL statement? I have the following SQL statement:
    SELECT mytable.text FROM a_table mytable WHERE CONTAINS (mytable.text, '? WITHIN text',1) > 0
    Here are a couple of lines of my Java code
    PreparedStatement ps2= conn.prepareStatement(mysql);
    ps2.setString(1,"bond");
    ResultSet rset = ps2.executeQuery();
    Every time I execute this query I get
    ORA-01006: bind variable does not exist
    Please help
    thanks

    user,
    check out.
    Display current DB time
    JBO-25009: Cannot create ...
    Edited by: Erp on Sep 29, 2011 8:46 PM

  • PAS with LDAP bind

    Hi,
    I have a similar requirement re PAS with LDAP bind. Is anybody on SCN able to share your solution?
    Thanks & regards
    Anthony
    Message was edited by: Oisin ONidh
    Branched to a NEW thread as was posted onto an OLD thread. Modify thread to reflect this change
    ITS SCN Moderator

    Hello Anthony,
    Can you provide further details on your query and also it's relation to using ITS/WEBGUI?
    Regards,
    Oisin

  • Augmented users LDAP bind

    Is there a way to bind augmented users, say via "ldapsearch", or to do web authentication by LDAP bind?
    How is Apple's collaboration suite authenticating augmented users?
    I have tried most combinations and just can't bind augmented users via LDAP.

    Sorry, I posted at wrong location.

  • LDAP (OID) integration with java application

    OID issue Urgent
    Currently we are using the OID-LDAP as the repository for storing username, passwds
    and other attributes. All applications that need authentication will essentially
    be using the OID.
    In our effort to do the same we are encountering the following problems
    - Creation of an identity corresponding the application
    - Giving this identity certain LDAP authorizations (Which authorizations are these)
    We have been successful creating LDAP entries for users and getting the initial
    JNDI contexts to do the lookups.
    When we are creating the user lookup from Java code using the oracle.ldap.util.User package,
    at run time it throws an error (no class found oracle/net/config/ConfigException).
    Why and where is this needed, and how do we resolve it? Is that because we haven't added
    the application in OID and configured authorizations for it?
    Need an urgent answer to this since all applications will be using LDAP(OID).
    here is code of java which tries to connect to OID.
    ================================================================================================
    import oracle.ldap.util.*;
    import oracle.ldap.util.jndi.*;
    import java.io.*;
    import java.util.*;
    import javax.naming.*;
    import javax.naming.directory.*;
    public class hello {
        public static void main(String argv[]) throws NamingException {
            // Create InitialDirContext
            System.out.println("INSIDE SERVLET");
            InitialDirContext ctx = ConnectionUtil.getDefaultDirCtx( "hire11.kmfl.kg","4032","cn=orcladmin", "ias123" );
            // Create Subscriber object
            System.out.println("GOT CONTEXT" +ctx);
            Subscriber mysub = null;
            /* commented for time being -----------------------------
            try {
                // Creation using DN
                System.out.println("CREATING subscriber");
                mysub = new Subscriber( ctx, Util.IDTYPE_DN, "o=oracle,dc=com", false );
                System.out.println("GOT subscriber");
            } catch (UtilException e) {
                System.out.println("error");
            }
            */
            // Create User Objects
            User myuser = null, myuser1 = null;
            try {
                // Create User using a subscriber DN and the User DN
                System.out.println("CREATING USERl");
                myuser = new User ( ctx,Util.IDTYPE_DN, "cn=abhishek,cn=users,dc=kmfl,dc=kg",Util.IDTYPE_DN,"dc=kmfl,dc=kg", true );
                System.out.println("GOT USER");
                // Create User using a subscriber object and the User
                // simple name
                // commented for time being -----------------------------
                myuser1 = new User ( ctx, Util.IDTYPE_SIMPLE, "abhishek", mysub, true );
            } catch ( UtilException e ) {
                System.out.println("COUDN'T GET USER"+e.toString());
            }
            // Authenticate User
            try {
                System.out.println("gOING FOR AUTHENTICATION");
                myuser.authenticateUser(ctx,User.CREDTYPE_PASSWD,"abhi123");
                System.out.println("AUTHENTICATION SuccessFull");
                System.out.println("AUTHENTICATION SUCCESSfULL");
                System.out.println("AUTHENTICATION sUCCESSfULL");
            } catch ( UtilException e ) {
                System.out.println("AUTHENTICATION FAILED");
            }
            // Perform User operations
            /* commented for time being -----------------------------
            try {
                PropertySetCollection result = null;
                // Get telephonenumber of user
                String[] userAttrList = {"telephonenumber"};
                result = myuser1.getProperties(ctx,userAttrList);
                Util.printResults(result);
                // Set telephonenumber of user
                // Create JNDI ModificationItem
                ModificationItem[] mods = new ModificationItem[1];
                mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                        new BasicAttribute("telephonenumber", "444-6789"));
                // Perform modification using User object
                myuser.setProperties(ctx, mods);
            } catch ( UtilException e ) {
            }
            */
        }
    } // End of SampleUser.java
    ==============================================================================================================

    What about SSL or LDAPS !
    Can't seem to find any java examples which would support services of type:
    ldapbind -U 1,2 for java API !

  • LDAP (OID) integration with java application (Urgent imp.)

    Currently we are using the OID-LDAP as the repository for storing username, passwds
    and other attributes. All applications that need authentication will essentially
    be using the OID.
    In our effort to do the same we are encountering the following problems
    - Creation of an identity corresponding the application
    - Giving this identity certain LDAP authorizations (Which authorizations are these)
    We have been successful creating LDAP entries for users and getting the initial
    JNDI contexts to do the lookups.
    When we are creating the user lookup from Java code using the oracle.ldap.util.User package,
    at run time it throws an error (no class found oracle/net/config/ConfigException).
    Why and where is this needed, and how do we resolve it? Is that because we haven't added
    the application in OID and configured authorizations for it?
    Need an urgent answer to this since all applications will be using LDAP(OID).
    here is code of java which tries to connect to OID.
    ================================================================================================
    import oracle.ldap.util.*;
    import oracle.ldap.util.jndi.*;
    import java.io.*;
    import java.util.*;
    import javax.naming.*;
    import javax.naming.directory.*;
    public class hello {
        public static void main(String argv[]) throws NamingException {
            // Create InitialDirContext
            System.out.println("INSIDE SERVLET");
            InitialDirContext ctx = ConnectionUtil.getDefaultDirCtx( "hire11.kmfl.kg","4032","cn=orcladmin", "ias123" );
            // Create Subscriber object
            System.out.println("GOT CONTEXT" +ctx);
            Subscriber mysub = null;
            /* commented for time being -----------------------------
            try {
                // Creation using DN
                System.out.println("CREATING subscriber");
                mysub = new Subscriber( ctx, Util.IDTYPE_DN, "o=oracle,dc=com", false );
                System.out.println("GOT subscriber");
            } catch (UtilException e) {
                System.out.println("error");
            }
            */
            // Create User Objects
            User myuser = null, myuser1 = null;
            try {
                // Create User using a subscriber DN and the User DN
                System.out.println("CREATING USERl");
                myuser = new User ( ctx,Util.IDTYPE_DN, "cn=abhishek,cn=users,dc=kmfl,dc=kg",Util.IDTYPE_DN,"dc=kmfl,dc=kg", true );
                System.out.println("GOT USER");
                // Create User using a subscriber object and the User
                // simple name
                // commented for time being -----------------------------
                myuser1 = new User ( ctx, Util.IDTYPE_SIMPLE, "abhishek", mysub, true );
            } catch ( UtilException e ) {
                System.out.println("COUDN'T GET USER"+e.toString());
            }
            // Authenticate User
            try {
                System.out.println("gOING FOR AUTHENTICATION");
                myuser.authenticateUser(ctx,User.CREDTYPE_PASSWD,"abhi123");
                System.out.println("AUTHENTICATION SuccessFull");
                System.out.println("AUTHENTICATION SUCCESSfULL");
                System.out.println("AUTHENTICATION sUCCESSfULL");
            } catch ( UtilException e ) {
                System.out.println("AUTHENTICATION FAILED");
            }
            // Perform User operations
            /* commented for time being -----------------------------
            try {
                PropertySetCollection result = null;
                // Get telephonenumber of user
                String[] userAttrList = {"telephonenumber"};
                result = myuser1.getProperties(ctx,userAttrList);
                Util.printResults(result);
                // Set telephonenumber of user
                // Create JNDI ModificationItem
                ModificationItem[] mods = new ModificationItem[1];
                mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                        new BasicAttribute("telephonenumber", "444-6789"));
                // Perform modification using User object
                myuser.setProperties(ctx, mods);
            } catch ( UtilException e ) {
            }
            */
        }
    } // End of SampleUser.java
    ==============================================================================================================

    Hi,
    Make sure you have the netcfg.jar in the same directory as that of ldapjclnt9.jar (in $ORACLE_HOME/jlib).
    Regards
    Radhika

  • LDAP binding

    Hi,
    I have been trying to bind to an LDAP server with JNDI methods, but there is no way to get it to work. When I try to execute the search I get the exception "Error code 49, invalid credentials". The main code is this:
    Hashtable env = new Hashtable();
    // Add the appropriate parameters to the table.
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, parameters.get(PROVIDER_URL));
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "cn=user,cn=users,dc=dmz,dc=int");
    env.put(Context.SECURITY_CREDENTIALS, "mypassword");
    // Initialize a reference to the context
    DirContext ctx = new InitialDirContext(env);
    // Specify where in the tree the search is performed (search the
    // subtree starting from the given root).
    SearchControls constraints = new SearchControls();
    constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
    // Enumeration that will hold the results of the search.
    NamingEnumeration results = ctx.search( (String) parameters.get(SEARCHBASE), filter, constraints);
    If I modify that code and comment out the line with the SECURITY_PRINCIPAL variable, it works, but I can't validate the password. I have tried changing that parameter, with things like "uid=username,cn=users,..." or "dn:cn=username,cn=users,..." and things like that. If someone can tell me exactly the form in which I have to write that variable I would be very thankful. I have also read something about writing the sAMAccount name there, but I don't have any idea about it.
    Thanks,
    josep

    Did some more testing with our operations department and this seems to be
    an error on our LDAP server with some users.
    Sorry for taking up your time.
    Regards,
    Michael.
    mikeso
