?
Solved

Active Directory, JNDI, and retrieving Data

Posted on 2003-11-27
3
Medium Priority
?
1,211 Views
Last Modified: 2013-11-24
I am having a very difficult time getting my head around LDAP and how to use JNDI.  I have read all the examples and searched the net, but none of the examples ever work for me, no matter how much I manipulate them.  

I am trying to connect to a Windows Server 2003 and retrieve attributes for a particular user.  My company wants to use the Windows authentication for user's wishing to access employee only websites outside the company.  I need to use JNDI in my servlet to authenticate the user.  

This part I have accomplished (see code below).  But I also want to store/retrieve attributes concerning what privileges the user has (what menu's to display, etc.)  But when I attempt to call getAttributes() an error is thrown.  I am assuming it is my arguments in getAttributes, but I don't know what type of arguments to use what is required for it to work properly.  I have used as many variations as I can think of.  Is there a tool to connect to the Active Directory and explore?  I downloaded an ldap browser, which connects, but I can never get in to see anything of value (it asks for a Base DN which I think is the problem).  I have also tried to do searches which also result in an error of similar nature to the one below.

javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-031006D9, data 0, 1 access points
      ref 1: 'int.mycompany.com'
]; remaining name 'cn=ngalloway,cn=users,DC=int,DC=mycompany,DC=com'
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2780)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2697)
      at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1268)
      at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
      at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
      at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:109)
      at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:121)
      at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:116)
      at com.pason.testapps.ldap.LDAPTest.main(LDAPTest.java:69)


/* The Code */

        try
        {
            Hashtable env = new Hashtable();

            env.put(Context.INITIAL_CONTEXT_FACTORY, INITCTX);
            env.put(Context.PROVIDER_URL, MY_HOST);
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, "ngalloway@mycompany.com");
            env.put(Context.SECURITY_CREDENTIALS, "mypassword");

            // Get a reference to a directory context
            System.out.println("Getting InitialDirContext");
            DirContext ctx = new InitialDirContext(env);

            Attributes answer = ctx.getAttributes("cn=ngalloway,cn=users,DC=int,DC=mycompany,DC=com");

            for (NamingEnumeration ae = answer.getAll(); ae.hasMore();)
            {
                Attribute attr = (Attribute)ae.next();
                System.out.print(" Attribute: " + attr.getID());
                //Print each value
                for(NamingEnumeration e = attr.getAll(); e.hasMore();)
                {
                    System.out.println(" Value: " + e.next());
                }
            }
0
Comment
Question by:ngalloway
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 9

Accepted Solution

by:
nimaig earned 1200 total points
ID: 10162161
I got the same problem.

Putting  :

env.put(Context.REFERRAL, "follow");


solved the problem.
0
 

Author Comment

by:ngalloway
ID: 10679048
Well this lets me authenticate.  My getAttributes just hangs there now and doesn't return.  On to that problem.  Thanks.
0
 

Expert Comment

by:zhentinglu
ID: 11833344
The solution doesn't fix my problem. In my case, user try to search from the root and the setting is: authentication.extension.ldap.user.baseDN=dc=dev, dc=com.  The following is the tree looklike.

dc=dev, dc=com  (root)
     USER
         u1

The search returned as "cn=u1, cn=USER".

NamingEnumeration ae = context.search(fBaseDN, queryFilter, s);
SearchResult result = (SearchResult)ae.next();
String userObjectName = result.getName();
if ( ae.hasMore() )              (Failed here and exception happens)
{
     ...................
}
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you developing a Java application and want to create Excel Spreadsheets? You have come to the right place, this article will describe how you can create Excel Spreadsheets from a Java Application. For the purposes of this article, I will be u…
Basic understanding on "OO- Object Orientation" is needed for designing a logical solution to solve a problem. Basic OOAD is a prerequisite for a coder to ensure that they follow the basic design of OO. This would help developers to understand the b…
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
Suggested Courses
Course of the Month8 days, 15 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question