Re: How do I bind to LDAP with a username/password



laredotornado wrote:

> Hi,
>
> I'm using Java 1.5. Does anyone know how I can bind to an LDAP server
> with a username and password? Note that this is different from
> authenticating against an LDAP server with a username and password.

Authentication against LDAP normally works by attempting to bind with the
supplied credentials. Failure to bind indicates a failure to authenticate.

The only other way to do it would be to bind with some master credentials which
had full read access (including passwords), perform a search for the
SECURITY_PRINCIPAL, fetch the encrypted password for that DN and compare it to
the SECURITY_CREDENTIALS (after suitable encryption of said
SECURITY_CREDENTIALS).

> That I can set up like so ...
>
> Hashtable env = new Hashtable(5, 0.75f);
> ...
> env.put(Context.SECURITY_PRINCIPAL, name+"@" + this.domain);
> env.put(Context.SECURITY_CREDENTIALS, pass);
> ...
> InitialLdapContext context = null;
> context = new InitialLdapContext(env, null);
>
> I was looking at ways of writing the LDAP connect string
> (http://www.rlmueller.net/LDAP_Binding.htm), and there seems to be a place for
> the bind username ("cn") but I can't see where the password would go.

and this does the former method, i.e. binding as SECURITY_PRINCIPAL to test
authentication.

> Any help is appreciated, - Dave

I think you've already helped yourself, you just don't realize it...

What operation are you wanting to perform on the directory after you've bound to
it?

P.S. Beware the very confusing terminology in JNDI where "bind" means "add",
rather than in LDAP where it means "connect". When you "bind" with JNDI you are
adding an entry into the directory.

--
Nigel Wade
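
The bind-to-authenticate approach discussed in this thread, as an added example that is not part of the original posts. It fills in the environment entries the quoted snippet elides and rejects empty passwords, which a server may otherwise accept as an unauthenticated bind. The class name, `LDAP_URL` and `DOMAIN` are hypothetical placeholders, and the `name@domain` principal form is taken from the quoted code.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;

public class LdapBindCheck {
    // Hypothetical values for illustration; replace with your directory's.
    static final String LDAP_URL = "ldaps://ldap.example.com:636";
    static final String DOMAIN = "example.com";

    /** Returns true only if the server accepts a simple bind as name@DOMAIN. */
    static boolean authenticate(String name, char[] pass) throws NamingException {
        // A simple bind with an empty password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2). Many servers accept it, so it must never
        // be treated as a successful login: refuse it before connecting.
        if (name == null || name.length() == 0 || pass == null || pass.length == 0) {
            return false;
        }
        Hashtable<String, Object> env = new Hashtable<String, Object>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, LDAP_URL); // ldaps: the password is sent in the bind
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, name + "@" + DOMAIN);
        env.put(Context.SECURITY_CREDENTIALS, pass);
        InitialLdapContext context = null;
        try {
            // The LDAP bind (connect and authenticate) happens in this constructor.
            // JNDI's own context.bind(...) would instead add an entry.
            context = new InitialLdapContext(env, null);
            return true;
        } catch (AuthenticationException e) {
            return false; // the server rejected the credentials
        } finally {
            if (context != null) {
                context.close();
            }
        }
    }

    public static void main(String[] args) throws NamingException {
        // An empty password is refused locally, without contacting the server.
        System.out.println(authenticate("dave", new char[0]));
    }
}
```

Other `NamingException` types (server unreachable, TLS failure) propagate to the caller, so an outage is not reported as a wrong password.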