active|标准在ActiveDirectory中 支持 LDAP 协议,我们可以在 Java 中使用标准的 Java JNDI API 来访问它。LDAP 服务器并非真的必须支持 JNDI API,只要支持 LDAP 协议就可以了。我们已经提供了一个简单的测试案例程序来认证一个 LDAP 服务器的识别名。一般情况下,对待 ActiveDirectory 不必与对待任何其他的 LDAP 服务器有什么不同。
import java.util.Properties;import javax.naming.*; import javax.naming.directory.*;//include the JNDI in the classpath. You should use the same JDK used by WebSphere Application server.class wasLdapAuth {public static void main(String[] args) { //***************** user information to be authenticated ******************************** //*****************Please modify the following three properties accordingly ************ String ldapHost= "ldap://cliang1.austin.ibm.com:389"; //ldap host + port number String DN = "cn=user1, ou=Austin,o=ibm,c=us"; // DN to be authenticated String password = "security"; // DN's password //***************** End of user information Properties props = new Properties(); props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); //for websphere 4.0 and 5.0 //props.put(Context.INITIAL_CONTEXT_FACTORY, "com.ibm.jndi.LDAPCtxFactory"); // for WebSphere 3.5 release props.put(Context.SECURITY_AUTHENTICATION, "simple"); //use simple authentication mechanism props.put(Context.SECURITY_CREDENTIALS, password); props.put(Context.SECURITY_PRINCIPAL, DN); props.put(Context.PROVIDER_URL, ldapHost); long start = System.currentTimeMillis(); long end=0; long time =0; try { System.out.println("authenticating"); DirContext ctx = new InitialDirContext(props); System.out.println("authenticated"); end = System.currentTimeMillis(); time = end - start; System.out.println( "authentication takes = " + time + " millis"); System.out.println("successfully authenticate DN: "+DN); } catch (Exception ex) { end = System.currentTimeMillis(); time = end - start; System.out.println("Exception is "+ex.toString()); ex.printStackTrace(); System.out.println( "authentication takes = " + time + " millis"); System.out.println("fail to authenticate DN: "+DN); }}} 
