Re: How do I bind to LDAP with a username/password



On Mar 11, 4:18 am, Nigel Wade <n...@xxxxxxxxxxxx> wrote:
laredotornado wrote:
Hi,

I'm using Java 1.5.  Does anyone know how I can bind to an LDAP server
with a username and password?  Note that this is different from
authenticating against an LDAP server with a username and password.

Authentication against LDAP normally works by attempting to bind with the
supplied credentials. Failure to bind indicates a failure to authenticate.

The only other way to do it would be to bind with some master credentials which
had full read access (including passwords), perform a search for the
SECURITY_PRINCIPAL, fetch the encrypted password for that DN and compare it to
the SECURITY_CREDENTIALS (after suitable encryption of said
SECURITY_CREDENTIALS).

That I can set up like so ...

      Hashtable env = new Hashtable(5, 0.75f);
      ...
      env.put(Context.SECURITY_PRINCIPAL, name+"@" + this.domain);
      env.put(Context.SECURITY_CREDENTIALS, pass);
      ...
      InitialLdapContext context = null;
      context = new InitialLdapContext(env, null);

I was looking at ways of writing the LDAP connect string
(http://www.rlmueller.net/LDAP_Binding.htm), and there seems to be a place for
the bind username ("cn") but I can't see where the password would go.

and this does the former method, i.e. binding as SECURITY_PRINCIPAL to test
authentication.



Any help is appreciated, - Dave

I think you've already helped yourself, you just don't realize it...

What operation are you wanting to perform on the directory after you've bound to
it?

P.S. Beware the very confusing terminology in JNDI where "bind" means "add",
rather than in LDAP where it means "connect". When you "bind" with JNDI you are
adding an entry into the directory.

--
Nigel Wade

I'm so new to this I'm still not seeing the answer in your reply.
Often you connect anonymously to LDAP and then run a query passing in
different username/passwords to see if they authenticate. In this
case I want to connect with master credentials and then run queries
authenticating others using the

env.put(Context.SECURITY_PRINCIPAL, name+"@" + this.domain);
env.put(Context.SECURITY_CREDENTIALS, pass);

syntax. But how do I connect as the master credentials? IOW, what
code or other URL syntax should I be using before I can perform the
query operation above?

Thanks for your help, - Dave
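
The flow discussed in this thread (connect with master credentials, look up the user's entry, then test the user's password by binding as that entry), written out in JNDI as an added example that is not part of the original posts. The server URL, base DN, the `sAMAccountName` search attribute and the class and method names are assumptions for illustration.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class LdapSearchThenBind {
    // Assumed values for illustration only; replace with your directory's settings.
    static final String URL = "ldaps://ldap.example.com:636"; // TLS, so passwords are not sent in clear
    static final String BASE_DN = "dc=example,dc=com";

    // Creating the context performs the LDAP bind (connect + authenticate) as 'principal'.
    static DirContext connect(String principal, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env);
    }

    // Returns true only if 'user' exists under BASE_DN and 'pass' binds successfully as that entry.
    static boolean authenticate(String masterDn, String masterPass, String user, String pass)
            throws NamingException {
        // A simple bind with an empty password is treated as anonymous by many servers
        // and succeeds, so reject it before it can be mistaken for a valid login.
        if (pass == null || pass.length() == 0) return false;

        DirContext master = connect(masterDn, masterPass); // step 1: master credentials
        String userDn;
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // {0} is substituted with filter metacharacters escaped by JNDI, so the
            // user-supplied name cannot alter the search filter.
            NamingEnumeration<SearchResult> hits =
                master.search(BASE_DN, "(sAMAccountName={0})", new Object[] { user }, sc);
            if (!hits.hasMore()) return false;            // unknown user
            userDn = hits.next().getNameInNamespace();    // step 2: full DN of the user
        } finally {
            master.close();
        }
        try {
            connect(userDn, pass).close();                // step 3: bind as the user
            return true;
        } catch (AuthenticationException e) {
            return false;                                 // wrong password
        }
    }
}
```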