package ADCrawler;
import java.util.Properties;
import java.util.logging.Logger;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
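/**
 * Binds to an Active Directory domain controller over JNDI/LDAP and searches for user entries.
 *
 * <p>Typical use: construct, call {@link #isAuthenticated()} to bind, call
 * {@link #searchUser(String, String, String)}, then {@link #closeLdapConnection()}.
 * Instances hold a mutable directory context and are not synchronized.
 *
 * @filename ActiveDirectory.java
 * @author <a href="mailto:jeeva@myjeeva.com">Jeevanandam Madanagopal</a>
 * @copyright © 2010-2012 www.myjeeva.com
 */
public class ActiveDirectory {
    // Logger
    private static final Logger LOG = Logger.getLogger(ActiveDirectory.class.getName());

    // JNDI environment used for the bind; it holds the caller's password array by reference.
    private final Properties properties;
    private DirContext dirContext;
    private SearchControls searchCtls;
    private final String[] returnAttributes = {"sAMAccountName", "givenName", "cn", "mail", "sn"};
    private String domainBase;
    // Left open on purpose: getFilter() appends the final clause and the closing parenthesis.
    private final String baseFilter = "(&((&(objectCategory=Person)(objectClass=User)))";
    private final String domainController;

    /**
     * Prepares the JNDI environment for a bind; no connection is opened here.
     *
     * <p>The provider URL uses the plain LDAP scheme and no authentication mechanism is set,
     * so the JNDI LDAP provider performs a simple bind and the password crosses the network
     * unencrypted unless the transport is protected by other means.
     * NOTE(review): prefer LDAPS or StartTLS where the domain controller supports it.
     *
     * @param username account name; it is combined with {@code dc} into {@code username@dc}
     * @param password password characters; the array is stored by reference, not copied
     * @param dc domain controller / DNS domain name used for the URL and the default search base
     */
    public ActiveDirectory(String username, char[] password, String dc) {
        properties = new Properties();
        domainController = dc;
        properties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put(Context.PROVIDER_URL, "LDAP://" + domainController);
        properties.put(Context.SECURITY_PRINCIPAL, username + "@" + domainController);
        properties.put(Context.SECURITY_CREDENTIALS, password);
    }

    /**
     * Attempts the LDAP bind and, on success, prepares the default search base and controls.
     *
     * <p>An empty password is rejected before any connection is made. With empty credentials
     * the JNDI LDAP provider switches to an unauthenticated ("none") bind, which many servers
     * accept, so without this check an empty password would be reported as authenticated.
     *
     * @return {@code true} if the bind succeeded with a non-empty password, {@code false} otherwise
     */
    public boolean isAuthenticated() {
        Object credentials = properties.get(Context.SECURITY_CREDENTIALS);
        if (!(credentials instanceof char[]) || ((char[]) credentials).length == 0) {
            LOG.warning("LDAP bind refused: empty password");
            return false;
        }
        try {
            dirContext = new InitialDirContext(properties);
        } catch (Exception e) {
            // Record the failure so repeated bad binds are visible; the message never
            // includes the password.
            LOG.warning("LDAP bind failed: " + e.getMessage());
            return false;
        }
        // default domain base for search
        domainBase = getDomainBase(domainController);
        // initializing search controls
        searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchCtls.setReturningAttributes(returnAttributes);
        return true;
    }

    /**
     * Searches the directory subtree for user entries matching one attribute.
     *
     * @param searchValue value to match; filter metacharacters other than {@code *} are escaped
     * @param searchBy one of {@code "email"}, {@code "username"}, {@code "givenname"}, {@code "sn"}
     * @param searchBase dotted domain name (for eg. {@code myjeeva.com}) that is converted to
     *     {@code DC=MYJEEVA,DC=COM}; {@code null} uses the domain given to the constructor.
     *     NOTE(review): a value already in DN form is converted again, not used as is.
     * @return enumeration of matching entries, limited to the configured return attributes
     * @throws NamingException if the directory rejects or fails the search
     * @throws IllegalStateException if {@link #isAuthenticated()} has not succeeded yet
     */
    public NamingEnumeration<SearchResult> searchUser(String searchValue, String searchBy, String searchBase) throws NamingException {
        if (dirContext == null || searchCtls == null) {
            throw new IllegalStateException("isAuthenticated() must succeed before searchUser()");
        }
        String filter = getFilter(searchValue, searchBy);
        String base = (null == searchBase) ? domainBase : getDomainBase(searchBase); // for eg.: "DC=MYJEEVA,DC=COM"
        return this.dirContext.search(base, filter, this.searchCtls);
    }

    /**
     * Closes the LDAP connection with the domain controller; a failure is logged, not thrown.
     */
    public void closeLdapConnection() {
        try {
            if (dirContext != null) {
                dirContext.close();
            }
        } catch (NamingException e) {
            LOG.severe(e.getMessage());
        }
    }

    /**
     * Builds the search filter for one attribute.
     *
     * <p>The search value is escaped before it is appended, so parentheses or backslashes in
     * caller-supplied text cannot add or close filter clauses.
     *
     * @param searchValue value to match (username, email id, given name or surname)
     * @param searchBy selector for the attribute; an unrecognised value returns the base
     *     filter unchanged, which has unbalanced parentheses
     * @return the filter string
     */
    private String getFilter(String searchValue, String searchBy) {
        String attribute;
        switch (searchBy) {
            case "email":
                attribute = "mail";
                break;
            case "username":
                attribute = "samaccountname";
                break;
            case "givenname":
                attribute = "givenname";
                break;
            case "sn":
                // NOTE(review): the attribute list above requests "sn"; confirm the directory
                // resolves "surName" in a filter.
                attribute = "surName";
                break;
            default:
                return this.baseFilter;
        }
        return this.baseFilter + "(" + attribute + "=" + escapeFilterValue(searchValue) + "))";
    }

    /**
     * Escapes the characters that change the structure of an LDAP filter: backslash,
     * parentheses and NUL become a backslash followed by two hex digits.
     *
     * <p>The asterisk is left alone so existing wildcard searches keep working; a caller that
     * needs an exact match must reject or escape it first.
     *
     * @param value raw search value; {@code null} is treated as the text "null", as plain
     *     string concatenation would
     * @return the value safe to place inside a filter assertion
     */
    private static String escapeFilterValue(String value) {
        String text = String.valueOf(value);
        StringBuilder escaped = new StringBuilder(text.length() + 8);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
            }
        }
        return escaped.toString();
    }

    /**
     * Converts a dotted domain name into a domain-component base DN.
     *
     * @param base dotted domain name, for eg. {@code myjeeva.com}; one trailing dot is ignored
     * @return base DN in upper case, for eg. {@code DC=MYJEEVA,DC=COM}
     */
    private static String getDomainBase(String base) {
        // Locale.ROOT keeps the result independent of the JVM's default locale.
        String name = base.toUpperCase(java.util.Locale.ROOT);
        // A fully-qualified name may end with the root dot; previously that indexed past the array.
        if (name.endsWith(".")) {
            name = name.substring(0, name.length() - 1);
        }
        return "DC=" + name.replace(".", ",DC=");
    }
}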