
用户名+密码登录 LDAP 服务器(注意:密码并没有存储在 LDAP 的 password 属性中)

2017-03-16 09:45 316 查看
使用用户名+密码向 LDAP 服务器发起绑定(bind)来模拟登录,由服务器校验密码,而不是从 LDAP 中读取密码再自行比较

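/**
 * Authenticates a user against an LDAP directory by binding as that user.
 *
 * <p>The flow is: bind with a fixed service account, look the user's entry up by
 * {@code sAMAccountName}, then re-bind the same context with the user's DN and the
 * supplied password. The directory decides whether the password is correct; the
 * password is never read back from the directory and compared locally.
 *
 * <p>Instances keep per-call state in fields ({@code ctx}, {@code searchResult}), so a
 * single instance must not be shared between concurrent callers.
 */
public class LdapUserAuthenticate {
    // NOTE(review): ldap:// combined with "simple" authentication puts both the service
    // password and every user password on the wire unencrypted. Prefer ldaps:// or
    // StartTLS with certificate validation before using this outside a lab.
    private final String URL = "ldap://10.41.83.236:389/";
    private final String BASEDN = "dc=zte,dc=intra";
    private final String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    private LdapContext ctx = null;
    private Hashtable<String, String> env = null;
    private Control[] connCtls = null;
    private SearchResult searchResult;

    /**
     * Opens a context bound as the service account. On failure the reason is printed
     * and {@code ctx} is left {@code null}, so callers must check it.
     */
    private void connectToLDAPServer() {
        // Never keep a context from an earlier call: it may still be bound as a
        // previously authenticated user.
        closeContext();
        env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, URL + BASEDN); // LDAP server, rooted at the base DN
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        // If no principal and credentials are given here, the connection silently
        // becomes an anonymous bind.
        // NOTE(review): the service-account DN and password are hard-coded in source.
        // Load them from protected configuration or a secret store, and rotate them
        // if this file has ever been published.
        env.put(Context.SECURITY_PRINCIPAL,
                "cn=gitlab,ou=NM,ou=Central R&D Institute,ou=R&D Institute,dc=zte,dc=intra");
        env.put(Context.SECURITY_CREDENTIALS, "gitlab");
        try {
            connCtls = new Control[] { new LdapADManagerControl() };
            ctx = new InitialLdapContext(env, connCtls);
        } catch (javax.naming.AuthenticationException e) {
            System.out.println("Authentication faild: " + e.toString());
        } catch (Exception e) {
            System.out.println("Something wrong while authenticating: " + e.toString());
        }
    }

    /** Closes the current context, if any, and forgets it. */
    private void closeContext() {
        if (ctx == null) {
            return;
        }
        try {
            ctx.close();
        } catch (NamingException e) {
            System.out.println("Exception in close():" + e);
        } finally {
            ctx = null;
        }
    }

    /**
     * Placeholder connection control passed to the context on connect and reconnect.
     *
     * <p>NOTE(review): every method is a stub ({@code null} ID, non-critical, no value).
     * Confirm the control is needed at all; if not, passing {@code null} controls is
     * simpler.
     */
    class LdapADManagerControl implements Control {

        @Override
        public String getID() {
            // Stub: no object identifier is assigned.
            return null;
        }

        @Override
        public boolean isCritical() {
            // Stub: the control is advertised as non-critical.
            return false;
        }

        @Override
        public byte[] getEncodedValue() {
            // Stub: the control carries no value.
            return null;
        }

    }

    /**
     * Resolves a login ID to the DN of its directory entry.
     *
     * <p>Side effects: opens {@code ctx} (bound as the service account) and stores the
     * matching entry in {@code searchResult}.
     *
     * @param ID the account name to look up; matched against {@code sAMAccountName}
     * @return the entry's DN, or {@code ""} when the connection failed, nothing matched,
     *         or more than one entry matched
     */
    private String getUserDN(String ID) {
        searchResult = null;
        connectToLDAPServer();
        if (ctx == null) {
            return "";
        }
        NamingEnumeration<SearchResult> en = null;
        try {
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // The ID is passed as a filter argument instead of being concatenated into
            // the filter string, so characters such as '*', '(' and ')' in user input
            // are escaped by JNDI and cannot rewrite the search filter.
            en = ctx.search("", "(sAMAccountName={0})", new Object[] { ID }, constraints);
            if (en == null) {
                System.out.println("Have no NamingEnumeration.");
                return "";
            }
            // hasMoreElements()/nextElement() are kept (rather than hasMore()/next())
            // to preserve the original's tolerance of errors raised while enumerating.
            if (!en.hasMoreElements()) {
                System.out.println("Have no element.");
                return "";
            }
            SearchResult si = en.nextElement();
            if (en.hasMoreElements()) {
                // Appending several DNs together yields a name that identifies nobody;
                // an ambiguous match is treated as "not found".
                System.out.println("More than one element.");
                return "";
            }
            searchResult = si;
            return si.getName() + "," + BASEDN;
        } catch (Exception e) {
            System.out.println("Exception in search():" + e);
            return "";
        } finally {
            if (en != null) {
                try {
                    en.close();
                } catch (NamingException ignored) {
                    // Best effort: the lookup result has already been decided.
                }
            }
        }
    }

    /**
     * Checks a login ID and password by binding to the directory as that user.
     *
     * @param ID the account name, matched against {@code sAMAccountName}
     * @param password the user's password
     * @return the part of the entry's {@code CN} that precedes its first run of digits
     *         when the bind succeeds; {@code null} when either argument is null or
     *         empty, the user cannot be resolved, or the bind fails for any reason
     */
    public String authenricate(String ID, String password) {
        // An empty password must be rejected before it reaches the server: a simple
        // bind with a DN and no password is an unauthenticated bind, which many
        // servers accept without checking anything.
        if (ID == null || password == null || ID.equals("") || password.equals("")) {
            return null;
        }
        String userDN = "";
        try {
            userDN = getUserDN(ID);
            if (userDN.equals("")) {
                return null;
            }
            // Re-bind the existing connection as the user; a wrong password surfaces
            // as AuthenticationException.
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(connCtls);
            String longName = (String) searchResult.getAttributes().get("CN").get();
            return longName.split("\\d+")[0];
        } catch (AuthenticationException e) {
            System.out.println(userDN + " is not authenticated");
            System.out.println(e.toString());
        } catch (NamingException e) {
            System.out.println(userDN + " is not authenticated");
        } catch (Exception e) {
            // Fail closed: anything unexpected (missing CN, unusable name) is a failed login.
            System.out.println(userDN + " is not authenticated");
        } finally {
            // Release the connection and the credentials held in its environment.
            closeContext();
        }
        return null;
    }
}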

// Caller-side usage: authenticate the submitted credentials, then either start a
// session-like cookie and send the user back where they came from, or return them
// to the login page.
LdapUserAuthenticate authen = new LdapUserAuthenticate();
username = authen.authenricate(userid,password);
if (username != null) {
    System.out.println("登陆成功");
    // NOTE(review): if later requests trust this cookie as proof of login, any client
    // can set "userName" itself. Keep the identity in a server-side session and send
    // only an opaque, HttpOnly/Secure session id — confirm how the cookie is consumed.
    CookieUtil.addCookie(response, "userName", username, 1800);
    // NOTE(review): `referer` looks request-derived (not shown here). Redirecting to it
    // unchecked allows an open redirect; verify it points at this application first.
    response.sendRedirect(referer);
} else {
    System.out.println("登陆失败");
    response.sendRedirect("login.html");
}