LdapsAuthn.class
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.*;
import java.util.Hashtable;
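/**
 * Checks a directory user's password with an LDAP search followed by a bind, over SSL.
 *
 * <p>The sequence is: bind with a service account, find the single entry whose
 * {@code sAMAccountName} equals the user name, then bind again as that entry with the password
 * under test.
 *
 * <p>NOTE(review): the connection is configured with {@code DummySSLSocketFactory}, which accepts
 * any server certificate. The channel is encrypted but the server is not authenticated, so the
 * service-account password and the user's password are exposed to whoever answers on the
 * configured address. Outside a lab setup, drop the custom socket factory and add the directory's
 * CA certificate to the JVM trust store instead.
 */
public class LdapsAuthn {
    // The blank values below are placeholders; real credentials belong in configuration or a
    // secret store, not in source.

    /** Server address. */
    public static final String server = " ";

    /** Port. */
    public static final String port = "636";

    /** Login name of the account used for the initial bind and the search. */
    public static final String admin = " ";

    /** Password of that account. */
    public static final String adminPass = " ";

    /** Employee id and password of the user to verify. */
    public static final String testUser = " ";
    public static final String testPassword = " ";
    public static final String baseDN = " ";

    public static void main(String args[]) {
        // Connect to the server and verify the user: prints true on success, false otherwise.
        boolean verify = connect(server, port, admin, adminPass, testUser, baseDN);
        System.out.println(verify);
    }

    /**
     * Verifies {@code testUser} using the class constant {@link #testPassword} as the password.
     *
     * @param server LDAP server host
     * @param port LDAP server port
     * @param user principal used for the initial bind and the search
     * @param passwd password of {@code user}
     * @param testUser value matched against {@code sAMAccountName}
     * @param baseDN search base
     * @return {@code true} only if the user was found and the bind with the password succeeded
     */
    public static boolean connect(String server, String port, String user, String passwd, String testUser, String baseDN) {
        return connect(server, port, user, passwd, testUser, testPassword, baseDN);
    }

    /**
     * Verifies {@code testUser} with an explicitly supplied password.
     *
     * @param server LDAP server host
     * @param port LDAP server port
     * @param user principal used for the initial bind and the search
     * @param passwd password of {@code user}
     * @param testUser value matched against {@code sAMAccountName}
     * @param userPassword password to verify for {@code testUser}
     * @param baseDN search base
     * @return {@code true} only if exactly one entry matched and the bind as that entry succeeded;
     *     {@code false} for an empty user name or password, no match, several matches, or any
     *     {@link NamingException}
     */
    public static boolean connect(String server, String port, String user, String passwd,
            String testUser, String userPassword, String baseDN) {
        // A simple bind with a DN and a zero-length password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2). Servers that permit it report success without checking any
        // password, so an empty password must never reach the bind below.
        if (testUser == null || testUser.isEmpty()
                || userPassword == null || userPassword.isEmpty()) {
            return false;
        }

        boolean result = false;
        InitialDirContext ctx = null;
        InitialDirContext context = null;
        NamingEnumeration<SearchResult> results = null;

        // Build the server URL.
        String ldapURL = "ldap://" + server + ":" + port;

        // Connection properties for the service-account bind.
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, user);
        env.put(Context.SECURITY_CREDENTIALS, passwd);
        env.put(Context.PROVIDER_URL, ldapURL);
        env.put(Context.REFERRAL, "ignore");
        env.put(Context.SECURITY_PROTOCOL, "ssl");
        // NOTE(review): this factory disables certificate validation (see the class comment).
        // The leading "包名" is a placeholder for the package that holds DummySSLSocketFactory.
        env.put("java.naming.ldap.factory.socket", "包名.DummySSLSocketFactory");

        try {
            ctx = new InitialDirContext(env);

            SearchControls searchCtls = new SearchControls();
            // Search the whole subtree below baseDN.
            searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // Only the entry name is needed, so ask for no attributes.
            searchCtls.setReturningAttributes(new String[0]);

            // {0} is filled in by the JNDI provider, which escapes filter metacharacters in the
            // value; a user name containing '*', '(' or ')' cannot rewrite the filter.
            results = ctx.search(baseDN, "(sAMAccountName={0})", new Object[] {testUser}, searchCtls);

            // DN of the user.
            String userDN = null;
            int matches = 0;
            // hasMoreElements() is used rather than hasMore(): it ends the loop instead of
            // throwing when the server cannot finish the enumeration.
            while (results.hasMoreElements()) {
                SearchResult sr = results.next();
                // Full DN as reported by the server, rather than a relative name glued to baseDN.
                userDN = sr.getNameInNamespace();
                System.out.println(userDN);
                matches++;
            }

            // No entry, or more than one: there is no single identity to bind as.
            if (matches == 1) {
                // Bind as the user, on a copy so the service-account settings stay untouched.
                Hashtable<String, String> userEnv = new Hashtable<String, String>(env);
                userEnv.put(Context.SECURITY_PRINCIPAL, userDN);
                userEnv.put(Context.SECURITY_CREDENTIALS, userPassword);
                context = new InitialDirContext(userEnv);
                System.out.println("密码正确");
                result = true;
            }
        } catch (NamingException e) {
            e.printStackTrace();
        } finally {
            // Release resources.
            if (results != null) {
                try {
                    results.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
            closeContext(ctx);
            closeContext(context);
        }
        return result;
    }

    /** Closes a context if it was opened, reporting (not propagating) a failure to close. */
    private static void closeContext(Context toClose) {
        if (toClose == null) {
            return;
        }
        try {
            toClose.close();
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }
}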
DummySSLSocketFactory.class
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
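/**
 * {@link SSLSocketFactory} that delegates to a factory built from an {@link SSLContext}
 * initialised with {@code DummyTrustManager} as its only trust manager.
 *
 * <p>NOTE(review): because the only trust manager is {@code DummyTrustManager}, sockets from this
 * factory accept any server certificate. Traffic is encrypted but the peer is not authenticated,
 * so an on-path party can present its own certificate and read what is sent. Keep this to
 * throwaway test setups; the supported alternative is to leave the platform default factory in
 * place and add the server's CA certificate to the trust store.
 */
public class DummySSLSocketFactory extends SSLSocketFactory {
    private final SSLSocketFactory factory;

    /**
     * Builds the delegate factory.
     *
     * @throws IllegalStateException if the TLS context cannot be created or initialised; failing
     *     here avoids a later {@link NullPointerException} from a missing delegate
     */
    public DummySSLSocketFactory() {
        factory = newDelegate();
    }

    /** Creates the delegate socket factory from a TLS context that uses DummyTrustManager. */
    private static SSLSocketFactory newDelegate() {
        try {
            SSLContext sslcontext = SSLContext.getInstance("TLS");
            sslcontext.init(
                    null, // No KeyManager required
                    new TrustManager[] {new DummyTrustManager()},
                    new java.security.SecureRandom());
            return sslcontext.getSocketFactory();
        } catch (java.security.GeneralSecurityException ex) {
            throw new IllegalStateException("Cannot initialise TLS context", ex);
        }
    }

    /** Returns a new instance; looked up by name when the class is configured as a socket factory. */
    public static SocketFactory getDefault() {
        return new DummySSLSocketFactory();
    }

    /** Unconnected socket; without this override the base class rejects the call. */
    @Override
    public Socket createSocket() throws IOException {
        return factory.createSocket();
    }

    @Override
    public Socket createSocket(Socket socket, String s, int i, boolean flag) throws IOException {
        return factory.createSocket(socket, s, i, flag);
    }

    @Override
    public Socket createSocket(InetAddress inaddr, int i, InetAddress inaddr1, int j) throws IOException {
        return factory.createSocket(inaddr, i, inaddr1, j);
    }

    @Override
    public Socket createSocket(InetAddress inaddr, int i) throws IOException {
        return factory.createSocket(inaddr, i);
    }

    @Override
    public Socket createSocket(String s, int i, InetAddress inaddr, int j) throws IOException {
        return factory.createSocket(s, i, inaddr, j);
    }

    @Override
    public Socket createSocket(String s, int i) throws IOException {
        return factory.createSocket(s, i);
    }

    /**
     * Returns the delegate's default suites. Reporting the full supported list here would
     * advertise suites the platform leaves disabled by default.
     */
    @Override
    public String[] getDefaultCipherSuites() {
        return factory.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return factory.getSupportedCipherSuites();
    }
}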
DummyTrustManager.class
import javax.net.ssl.X509TrustManager;
import java.security.cert.X509Certificate;
/**
 * {@link X509TrustManager} whose checks never throw, so every certificate chain is accepted.
 *
 * <p>NOTE(review): a TLS context that uses this trust manager performs no certificate validation;
 * any peer, with any certificate, is treated as trusted. It is only suitable for isolated test
 * environments.
 */
public class DummyTrustManager implements X509TrustManager {

    /** Accepts every client chain: the method returns without inspecting its arguments. */
    @Override
    public void checkClientTrusted(X509Certificate[] cert, String authType) {
        // Intentionally empty: nothing is verified.
    }

    /** Accepts every server chain: the method returns without inspecting its arguments. */
    @Override
    public void checkServerTrusted(X509Certificate[] cert, String authType) {
        // Intentionally empty: nothing is verified.
    }

    /** Returns an empty issuer list. */
    @Override
    public X509Certificate[] getAcceptedIssuers() {
        X509Certificate[] none = new X509Certificate[0];
        return none;
    }
}