Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

JNDI authentication question

Posted on 2004-09-09
7
Medium Priority
?
853 Views
Last Modified: 2013-11-24
In my code, pasted below, I can get a list of users and their email addresses. I can paste this class into any code and it would get a list of users in a domain. What I DON'T want is for users to have to instantiate the ADConnection class with a username and password.

Is there a way to impersonate a currently logged on user using JNDI? Is there another way to do this?

public class ADConnection {

      private DirContext ldapContext;

      private String baseName;

      private String serverIP;

      private String user;

      private String passwd;

      public ADConnection(String baseDN, String serverIP, String user,
                  String passwd) {

            this.baseName = baseDN;
            this.serverIP = serverIP;
            this.user = user;
            this.passwd = passwd;

            try {
                  Hashtable ldapEnv = new Hashtable(11);

                  ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY,
                              "com.sun.jndi.ldap.LdapCtxFactory");
                  ldapEnv.put(Context.PROVIDER_URL, "ldap://" + serverIP + ":389");
                  if (user != null) {
                        ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
                        ldapEnv.put(Context.SECURITY_PRINCIPAL, user);
                        ldapEnv.put(Context.SECURITY_CREDENTIALS, passwd);
                  }
                  ldapContext = new InitialDirContext(ldapEnv);
            } catch (Exception e) {
                  System.out.println(" bind error: " + e);
                  e.printStackTrace();
                  System.exit(-1);
            }
      }

      public NamingEnumeration search() {
            SearchControls ctls = new SearchControls();

            ctls.setReturningObjFlag(true);
            String filter = "(objectclass=*)";
            NamingEnumeration answer = null;
            try {
                  answer = ldapContext.search(baseName, filter, ctls);
            } catch (NamingException e) {
                  e.printStackTrace();
            }
            //printSearchEnumeration(answer);
            return answer;
      }

      public static void printSearchEnumeration(NamingEnumeration enum) {
            try {
                  while (enum.hasMore()) {
                        SearchResult sr = (SearchResult) enum.next();
                        Attributes attrib = sr.getAttributes();

                        System.out.println(sr.getName() + ": " + attrib.get("mail"));
                  }
            } catch (NamingException e) {
                  e.printStackTrace();
            }
      }

      public static void main(String[] args) {
            ADConnection adc = new ADConnection(
                        "ou=Users, ou=My Domain, dc=dc, dc=local", "domainC",
                        "test@dc.local", "Password123");
            NamingEnumeration searchResult;

            searchResult = adc.search();
            printSearchEnumeration(searchResult);
            System.out.println("done");
      }
}
0
Comment
Question by:thefallguy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 35

Expert Comment

by:girionis
ID: 12024103
You can certainly get the username of the suer logged in (using the "user.name" property) but you cannot get the password. I am afraid the users will need to enter the password somehow.
0
 
LVL 1

Author Comment

by:thefallguy
ID: 12026404
Forgive my ignorance, but how do I access the user.name property.

I guess what i was trying to ask is that if there is any way to do this using Kerberos that wouldnt require any password entry.
0
 
LVL 35

Expert Comment

by:girionis
ID: 12026619
Just use:

String userName = System.getProperty("user.name");

and it should return the login name of the user currently logged on.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:thefallguy
ID: 12027640
is there  a way to use kerberos to impersonate the user??
0
 
LVL 35

Accepted Solution

by:
girionis earned 500 total points
ID: 12041604
I am not sure, sorry, I never used kerberos and not sure how it works. Mayeb the following links will help though:

http://www.doc.ic.ac.uk/csg/faqs/servlets/kerbjava.html
http://www-106.ibm.com/developerworks/java/library/j-gssapi/
http://java.sun.com/products/jndi/saslmechs.html
0
 
LVL 1

Author Comment

by:thefallguy
ID: 12046506
arite... figured it out... need to use the ntloginmodule.
0
 
LVL 35

Expert Comment

by:girionis
ID: 12051706
:)
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you developing a Java application and want to create Excel Spreadsheets? You have come to the right place, this article will describe how you can create Excel Spreadsheets from a Java Application. For the purposes of this article, I will be u…
Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question