This is my Java code. I created a domain named trial.com, in which I created a user named "test1@trial.com".
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.AuthenticationException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.ldap.LdapContext;
import javax.naming.directory.DirContext;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.BasicAttribute;
import java.util.Hashtable;
public class Password_ADTesting{
    public static void main(String[] args){
        LdapContext ctx = null;
        try{
            Hashtable env = new Hashtable();
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.SECURITY_AUTHENTICATION, "Simple");
            env.put(Context.SECURITY_PRINCIPAL, "test1@trial.com"); //"tom@trial.com"
            env.put(Context.SECURITY_CREDENTIALS, "Panda123*"); //"Panda123*"
            env.put(Context.PROVIDER_URL, "ldap://localhost:389/dc=trial,dc=com");
            ctx = new InitialLdapContext(env,null);
            System.out.println("Connection Successfull");
            ModificationItem[] mods = new ModificationItem[1];
            mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("userPassword","Panda23*"));
            ctx.modifyAttributes("CN=Test1,CN=Users,DC=trial,DC=com", mods);
            //"CN=Test1,CN=Users,DC=trial,DC=com"
            System.out.println("Success");
        }catch(AuthenticationException authEx) {
            System.out.println("Active Directory Authentication failed");
            authEx.printStackTrace();
        }catch(Exception e){
            System.out.println("Password Cannot be Changed");
            e.printStackTrace();
        }
    }
}
When I run the code I get the following error:
C:\Users\Administrator\Desktop>java Password_ADTesting
Connection Successfull
Password Cannot be Changed
javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310028C, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=trial,DC=com'
]; remaining name 'CN=Test1,CN=Users,DC=trial,DC=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3284)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1504)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:277)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:192)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:181)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167)
at Password_ADTesting.main(Password_ADTesting.java:30)
I get authenticated, but I am not able to change the password. It shows a name not found exception. But when I look up the distinguished name attribute, it's correct as shown below:
Could someone help me out with this???
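An added example, not part of the original post: JNDI resolves names relative to the base DN in PROVIDER_URL, so with `/dc=trial,dc=com` in the URL a full DN is looked up under that base a second time, which is consistent with error 32 and a best match of `DC=trial,DC=com`. The sketch passes a relative name and changes the password through Active Directory's `unicodePwd` attribute over LDAPS. The host `dc1.trial.com`, port 636 and the environment variable names are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class AdPasswordChange {
    // unicodePwd takes the password wrapped in double quotes, encoded as UTF-16LE.
    static byte[] unicodePwd(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }

    static String env(String name) { // assumed variable names, so no secret sits in source
        String v = System.getenv(name);
        if (v == null || v.isEmpty()) throw new IllegalStateException(name + " is not set");
        return v;
    }

    public static void main(String[] args) throws NamingException {
        Hashtable<String, Object> cfg = new Hashtable<>();
        cfg.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // ldaps: AD accepts unicodePwd writes only on an encrypted connection, and a
        // simple bind over ldap://...:389 sends the bind password in clear text.
        // Assumed host; its certificate must chain to the JVM trust store.
        cfg.put(Context.PROVIDER_URL, "ldaps://dc1.trial.com:636/dc=trial,dc=com");
        cfg.put(Context.SECURITY_AUTHENTICATION, "simple");
        cfg.put(Context.SECURITY_PRINCIPAL, "test1@trial.com");
        cfg.put(Context.SECURITY_CREDENTIALS, env("AD_OLD_PASSWORD"));
        LdapContext ctx = new InitialLdapContext(cfg, null);
        try {
            // Remove-old plus add-new is a user password change; a single
            // REPLACE_ATTRIBUTE is an administrative reset and needs that right.
            ModificationItem[] mods = {
                new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", unicodePwd(env("AD_OLD_PASSWORD")))),
                new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", unicodePwd(env("AD_NEW_PASSWORD"))))
            };
            // Relative to the base DN in PROVIDER_URL, so this names
            // CN=Test1,CN=Users,DC=trial,DC=com exactly once.
            ctx.modifyAttributes("CN=Test1,CN=Users", mods);
        } finally {
            ctx.close();
        }
    }
}
```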
Related
I'm having an issue with adding a user to my LDAP server in Java.
Here's what my code looks like
import java.util.Hashtable;
import java.util.Properties;
import java.util.jar.Attributes;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
public class LdapProgram {
    public static void main(String[] args) {
        String dn = "";
        String password = "";
        Properties properties = new Properties();
        properties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put(Context.PROVIDER_URL, "ldap://127.0.0.1");
        properties.put(Context.SECURITY_AUTHENTICATION,"none");
        properties.put(Context.SECURITY_PRINCIPAL,password);
        properties.put(Context.SECURITY_CREDENTIALS,dn);
        // TODO code application logic here
        // entry's DN
        String entryDN = "uid=test_user,ou=people,dc=test123,dc=com";
        // entry's attributes
        Attribute cn = new BasicAttribute("cn", "tester");
        Attribute uid = new BasicAttribute("uid", "tester");
        Attribute gecos = new BasicAttribute("gecos", "test");
        Attribute oc = new BasicAttribute("objectClass");
        oc.add("top");
        oc.add("person");
        oc.add("organizationalPerson");
        oc.add("inetOrgPerson");
        DirContext ctx = null;
        try {
            // get a handle to an Initial DirContext
            ctx = new InitialDirContext(properties);
            // build the entry
            BasicAttributes entry = new BasicAttributes();
            entry.put(cn);
            entry.put(uid);
            entry.put(gecos);
            entry.put(oc);
            // Add the entry
            ctx.createSubcontext(entryDN, entry);
            // System.out.println( "AddUser: added entry " + entryDN + ".");
        } catch (NamingException e) {
            System.err.println("AddUser: error adding entry.\n" + e);
        }
    }
}
Here is the error code I get: javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 - modifications require authentication]; remaining name 'uid=test_user,ou=people,dc=test123,dc=com'
I'm not understanding why it's saying it requires authentication when I'm already bound to the server with the admin user and password.
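An added example, not part of the original post: with SECURITY_AUTHENTICATION set to "none" JNDI binds anonymously and ignores the principal and credentials, and in the posted code those two values are also swapped. The sketch builds an authenticated simple bind over TLS and then adds the entry. The server URL, the admin DN `cn=admin,dc=test123,dc=com` and the `LDAP_ADMIN_PW` variable are assumptions.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapAddUser {
    // Build the environment for an authenticated simple bind.
    static Hashtable<String, Object> bindEnv(String url, String bindDn, char[] password) {
        // A simple bind with an empty password is treated as unauthenticated
        // (RFC 4513), so later writes would fail as anonymous. Reject it up front.
        if (bindDn == null || bindDn.isEmpty() || password == null || password.length == 0) {
            throw new IllegalArgumentException("bind DN and password are required");
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple"); // "none" binds anonymously
        env.put(Context.SECURITY_PRINCIPAL, bindDn);         // who: the bind DN
        env.put(Context.SECURITY_CREDENTIALS, password);     // proof: the password
        return env;
    }

    public static void main(String[] args) throws NamingException {
        // Assumed values: server URL, admin DN and the LDAP_ADMIN_PW variable.
        String pw = System.getenv("LDAP_ADMIN_PW");
        DirContext ctx = new InitialDirContext(bindEnv("ldaps://ldap.example.com:636",
                "cn=admin,dc=test123,dc=com", pw == null ? null : pw.toCharArray()));
        try {
            Attribute oc = new BasicAttribute("objectClass");
            oc.add("top"); oc.add("person");
            oc.add("organizationalPerson"); oc.add("inetOrgPerson");
            BasicAttributes entry = new BasicAttributes(true); // case-insensitive attribute IDs
            entry.put(oc);
            entry.put(new BasicAttribute("cn", "tester"));
            entry.put(new BasicAttribute("sn", "tester"));     // "person" requires sn
            entry.put(new BasicAttribute("uid", "test_user")); // must match the RDN value
            ctx.createSubcontext("uid=test_user,ou=people,dc=test123,dc=com", entry).close();
        } finally {
            ctx.close();
        }
    }
}
```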
Refer to the code below. It works fine on Windows and Mac but not on Linux. It does not call the MySSLSocketFactory class and as a result, the cert is not trusted. Any suggestions???
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
public class LdapBaseDN {
    public static void main(String[] args) {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.SECURITY_AUTHENTICATION, "none");
        env.put(Context.PROVIDER_URL, "ldaps://MyServerIP:636");
        env.put(Context.SECURITY_PROTOCOL, "ssl");
        env.put(Context.REFERRAL, "follow");
        env.put("java.naming.ldap.factory.socket", MySSLSocketFactory.class.getName()); //MySSLSocketFactory does not get called on Linux
        try {
            DirContext ldapContext = new InitialDirContext(env);
            System.out.println("Connected successfully ");
        } catch (Exception e) {
            e.printStackTrace(); //SSLHandshake fails because Cert is not trusted on Linux
        }
    }
}
I am writing a Java class inside which I have two methods. One is for connecting to LDAP. The other is passing a parameter and bringing back the desired values.
For the connection method I want to return 1 if the connection is successful and return 0 if the connection failed.
Here is my code:
public static boolean connection(String Prvd_url)
{
    env = new Hashtable();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL,Prvd_url);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, new String("" + "\\" + ""));
    env.put(Context.SECURITY_CREDENTIALS, "");
    env.put(Context.REFERRAL, "ignore");
    try {
        ctx = new InitialDirContext(env);
        return true;
    }catch(NamingException ex)
    {
        System.out.println("Error:" + ex.toString());
        return false;
    }
}
At NamingException it is giving the error "symbol not found".
I have the following imports in the program:
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.*;
import java.util.Hashtable;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
Try to add:
import javax.naming.NamingException;
If you are using Eclipse, simply press Ctrl+Shift+O.
I need to consume a web service developed with Java WebLogic Server; UsernameToken and a client certificate are used to invoke the service.
And I got the Java code to call the web service, as below:
import javax.ejb.CreateException;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import java.rmi.RemoteException;
import weblogic.wtc.jatmi.TPException;
import weblogic.wtc.jatmi.TypedString;
import weblogic.wtc.jatmi.Reply;
import weblogic.wtc.jatmi.TuxedoReply;
import weblogic.wtc.jatmi.TPServiceInformation;
import weblogic.wtc.jatmi.TypedFML32;
import weblogic.wtc.jatmi.TuxedoService;
import weblogic.wtc.jatmi.TypedBuffer;
import java.util.StringTokenizer;
import java.io.IOException;
import javax.xml.rpc.ServiceException;
import MMSWbSrv.*;
import java.util.Properties;
import java.text.SimpleDateFormat;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.FileInputStream;
import java.security.cert.X509Certificate;
import weblogic.security.SSL.TrustManager;
import weblogic.xml.crypto.wss.provider.CredentialProvider;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.wsee.security.bst.ClientBSTCredentialProvider;
import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
import java.security.cert.X509Certificate;
import weblogic.wsee.security.util.CertUtils;
import javax.xml.rpc.Stub;
import java.util.List;
import java.util.ArrayList;
import java.util.regex.*;
import weblogic.wtc.jatmi.TypedFML32;
public class MMSTest
{
    public static void main(String args[]) throws Throwable
    {
        Properties sysProps = System.getProperties();
        sysProps.setProperty("http.proxyHost","XXX.XX.X.XX");
        sysProps.setProperty("http.proxyPort","XXXX");
        sysProps.setProperty("weblogic.webservice.transport.http.proxy.host", "XXX.XX.X.XX");
        sysProps.setProperty("weblogic.webservice.transport.http.proxy.port", "XXXX");
        sysProps.setProperty("http.proxySet","true");
        sysProps.setProperty("weblogic.webservice.verbose","true");
        sysProps.setProperty("javax.net.ssl.trustStore","D:/weblogic92/server/lib/DemoTrust.jks");
        System.out.println("proxyHost::"+ sysProps.getProperty("http.proxyHost"));
        System.out.println("proxyPort::"+ sysProps.getProperty("http.proxyPort"));
        MMSService service = null;
        MMSPortType port = null;
        try{
            System.out.println("before..");
            service = new MMSService_Impl("http://XXX.XX.X.XX/MMS/Service?wsdl");
            System.out.println("after..");
            if(service==null)
                System.out.println("NULL SERVICE");
            System.out.println("got service...");
            port = service.getMMSServicePort();
            if(port==null)
                System.out.println("NULL PORT");
        }
        catch(ServiceException svcEx)
        {
            System.out.println("In ServiceXexception");
        }
        List credProviders = new ArrayList();
        System.out.println("After cred");
        String clientCertFile = "F:/client-cert.der";
        String keyFile = "F:/client-key-pkcs8.der";
        String username = "userName" ;
        String password = "Password" ;
        CredentialProvider cp = new ClientBSTCredentialProvider(clientCertFile, keyFile);
        credProviders.add(cp);
        System.out.println("credProviders:"+credProviders);
        System.out.println("cp:"+cp+":");
        String strret= "";
        try{
            cp = new ClientUNTCredentialProvider(username, password);
            credProviders.add(cp);
            Stub stub = (Stub)port;
            System.out.println("before");
            stub._setProperty(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
            System.out.println("after");
            stub._setProperty(WSSecurityContext.TRUST_MANAGER,
                new TrustManager()
                {
                    public boolean certificateCallback(X509Certificate[] chain, int validateErr)
                    {
                        // accepts every server certificate: chain validation is disabled
                        return true;
                    }
                }
            );
            String strArg = "Parameters";
            strret = port.sendData(strArg);
        }
        catch(Exception e)
        {
            System.out.println("JJJ");
            e.printStackTrace();
        }
        System.out.println("strret:"+strret);
    }
}
And also a .pfx format client certificate and a .key file.
So, using WSE 3.0, I try to consume the service like below:
WebReference.MMSServiceWse wse = new MMSServiceWse();
UsernameToken token = new UsernameToken("XXXX", "XXXX", PasswordOption.SendPlainText);
wse.RequestSoapContext.Security.Tokens.Add(token);
X509Certificate2 cert = new X509Certificate2(@"D:\\certificate.pfx","",X509KeyStorageFlags.MachineKeySet);
wse.ClientCertificates.Add(cert);
wse.SetPolicy("ClientPolicy");
//System.Net.ServicePointManager.CertificatePolicy =new TrustAllCertificatePolicy();
String strArg = "Param";
strArg= wse.sendData(strArg);
But I have got an exception.
When this happens to me, it is usually because the time on the server and the client are too different. The security token has a validity period and if you're not in sync, it seems expired or worse, in the future.
I am facing some difficulties while listing all the users in the Active Directory. I reached the group, but unfortunately, I could not retrieve all the users. I am looking for the users' full names, usernames, and directorate. My code is:
package client;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.*;
import java.util.Enumeration;
import javax.naming.NamingEnumeration;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.directory.*;
public class AD1 {
    public AD1() {
        super();
    }
    public static String usersContainer = "cn=XX,ou=XX,ou=Groups,dc=XX,dc=XX,dc=XXX";
    public static void main(String[] args) {
        try {
            LdapContext ctx = null;
            Hashtable env = new Hashtable();
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.SECURITY_AUTHENTICATION, "Simple");
            //it can be <domain\\userid> something that you use for windows login
            //it can also be
            env.put(Context.SECURITY_PRINCIPAL, "username");
            // env.put(Context.SECURITY_CREDENTIALS, "password");
            try {
                env.put(Context.SECURITY_CREDENTIALS, "password".getBytes("UTF8"));
            }
            catch (java.io.UnsupportedEncodingException e) { /* ignore */ }
            //in following property we specify ldap protocol and connection url.
            //generally the port is 389
            env.put(Context.PROVIDER_URL, "ldap://IP:PORT");
            ctx = new InitialLdapContext(env, null);
            System.out.println("Connection Successful.");
            DirContext ctx1 = new InitialDirContext(env);
            SearchControls ctls = new SearchControls();
            String[] attrIDs = { "distinguishedName","cn","name","uid",
                "sn",
                "givenname",
                "memberOf",
                "samaccountname",
                "userPrincipalName" };
            ctls.setReturningAttributes(attrIDs);
            ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            //ctls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
            NamingEnumeration answer = ctx1.search( usersContainer, "(objectClass=user)", ctls );
            System.out.print("Out while loop");
            while(answer.hasMore()) {
                System.out.print("while loop11");
                SearchResult rslt = (SearchResult)answer.next();
                Attributes attrs = rslt.getAttributes();
                System.out.println(attrs.get("uid"));
                ctx1.close();
            }
        } catch(NamingException nex) {
            System.out.println("Active Directory Connection: FAILED");
            nex.printStackTrace();
        }
    }
}
Can anyone help?
As it's Active Directory and not real LDAP you're talking about, can you help us with more details about the LDAP/Active Directory configuration?
It's kind of hard to help you with the information you give.
Edit 1:
Your problem is here, no?
while(answer.hasMore()) {
    System.out.print("while loop11");
    SearchResult rslt = (SearchResult)answer.next();
    Attributes attrs = rslt.getAttributes();
    //System.out.println(attrs.get("uid"));
    System.out.println(attrs.get("cn"));
    ctx1.close();
}
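An added example, not part of the original thread: in Active Directory, users are not child entries of a group, so a subtree search under a group DN returns no user objects; membership is found by filtering on `memberOf` from a base that contains the users. The sketch takes an already-bound `LdapContext`, pages the results and escapes the group DN before it goes into the filter; `baseDn` and `groupDn` are caller-supplied placeholders.

```java
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;

public class AdGroupMembers {
    // RFC 4515: escape \ * ( ) and NUL before placing a value in a search filter.
    static String escapeFilter(String v) {
        StringBuilder sb = new StringBuilder();
        for (char c : v.toCharArray()) {
            if ("\\*()\0".indexOf(c) >= 0) sb.append(String.format("\\%02x", (int) c));
            else sb.append(c);
        }
        return sb.toString();
    }

    // Direct members of groupDn, fetched 500 per page so large groups are not truncated.
    static List<String> listMembers(LdapContext ctx, String baseDn, String groupDn)
            throws NamingException, java.io.IOException {
        SearchControls ctls = new SearchControls();
        ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        ctls.setReturningAttributes(new String[] {"cn", "sAMAccountName", "userPrincipalName"});
        String filter = "(&(objectCategory=person)(objectClass=user)(memberOf="
                + escapeFilter(groupDn) + "))";
        List<String> out = new ArrayList<>();
        byte[] cookie = null;
        do {
            // Ask for the next page; a null cookie requests the first one.
            ctx.setRequestControls(new Control[] {
                new PagedResultsControl(500, cookie, Control.CRITICAL)});
            NamingEnumeration<SearchResult> res = ctx.search(baseDn, filter, ctls);
            while (res.hasMore()) {
                Attributes a = res.next().getAttributes();
                out.add(a.get("sAMAccountName").get() + " / " + a.get("cn").get());
            }
            // The server's response control carries the cookie for the following page.
            cookie = null;
            Control[] resp = ctx.getResponseControls();
            for (Control c : resp == null ? new Control[0] : resp) {
                if (c instanceof PagedResultsResponseControl) {
                    cookie = ((PagedResultsResponseControl) c).getCookie();
                }
            }
        } while (cookie != null && cookie.length > 0);
        return out;
    }
}
```

`memberOf` lists direct membership only, and a user's primary group does not appear in it.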