25Dec/095
Ldap User Management with Spring LDAP
Java Naming and Directory Interface (JDNI) is the API used for LDAP programming on the Java platform. JNDI makes far too much work of simple procedures, such as ensuring that resources have been properly opened and closed. In addition, most JNDI methods throw checked exceptions, which are time-consuming to handle.
Spring LDAP provides a sophisticated wrapper API on top of JNDI to make LDAP Programming easier. Here i will show you on how to write, update and delete entries on ldap server using Spring LDAP.
Download Spring Ldap from http://www.springsource.com/download/community
Spring Configuration
Create an LdapContextSource and an LdapTemplate object. Configure the ldapServer url, baseDn and optionally userDn, password if anonymous access is not allowed. Also inject the LdapTemplate into DAO.
<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
<property name="url" value="ldap://localhost:389" />
<property name="base" value="dc=javachap,dc=com" />
<property name="userDn" value="cn=Manager,dc=javachap,dc=com" />
<property name="password" value="mypassword" />
</bean>
<bean id="ldapTemplate">
<constructor-arg ref="contextSource" />
</bean>
<bean id="userService">
<property name="ldapTemplate" ref="ldapTemplate"/>
</bean>
Domain
Create a simple user domain interface and implementation which holds the basic information about the user. The information with in this user object will be persisted to the Ldap.
package com.javachap.domain;
public interface User {
String getUserName();
void setUserName(String userName);
String getFirstName();
void setFirstName(String firstName);
String getLastName();
void setLastName(String lastName);
String getEmail();
void setEmail(String email);
String getPassword();
void setPassword(String password);
String getDepartment();
void setDepartment(String departement);
String[] getGroups();
void setGroups(String[] groups);
}
package com.javachap.domain.impl;
import com.javachap.domain.User;
public class UserImpl implements User {
private static final long serialVersionUID = 7487133273442955818L;
private String userName;
private String firstName;
private String lastName;
private String email;
private String password;
private String department;
private String groups[];
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getFirstName() {
return firstName;
}
public void setFirstName(String firstName) {
this.firstName = firstName;
}
public String getLastName() {
return lastName;
}
public void setLastName(String lastName) {
this.lastName = lastName;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getDepartment() {
return department;
}
public void setDepartment(String department) {
this.department = department;
}
public String[] getGroups() {
return groups;
}
public void setGroups(String[] groups) {
this.groups = groups;
}
public String toString() {
StringBuffer buffer = new StringBuffer();
buffer.append("UserImpl[");
buffer.append("id = ").append(id);
buffer.append(" userName = ").append(userName);
buffer.append(" email = ").append(email);
buffer.append(" firstName = ").append(firstName);
buffer.append(" lastName = ").append(lastName);
buffer.append(" password = ").append(password);
buffer.append("]");
return buffer.toString();
}
}
User DAO
LdapTemplate is built on the same principles as the JdbcTemplate in Spring JDBC. It completely eliminates the need to worry about creating and closing DirContext and looping through NamingEnumeration. It also provides a more comprehensive unchecked exception hierarchy, built on Spring's DataAccessException.
package com.javachap.service;
import java.util.List;
/**
* UserService
*
* @author JavaChap
*/
public interface UserService {
User getUser(final String email);
User save(final User user);
boolean authenticate(final String userName, final String password);
List<User> getUsers(final String pattern);
void delete(final User user);
}
package com.javachap.service.impl;
import java.io.UnsupportedEncodingException;
/**
* UserService Implementation
*
* @author JavaChap
*/
public class UserServiceImpl implements UserService {
private static final long serialVersionUID = 4889152297004460837L;
public static final String BASE_DN = "dc=javachap,dc=com";
private static class UserAttributesMapper implements AttributesMapper {
public Object mapFromAttributes(Attributes attrs)
throws NamingException {
User user = (User) AppUtils.getBean("user");
if (attrs.get("uid") != null) {
user.setUserName((String) attrs.get("uid").get());
}
if (attrs.get("cn") != null) {
user.setFirstName((String) attrs.get("cn").get());
}
if (attrs.get("sn") != null) {
user.setLastName((String) attrs.get("sn").get());
}
if (attrs.get("mail") != null) {
user.setEmail((String) attrs.get("mail").get());
}
return user;
}
}
private LdapTemplate ldapTemplate;
public void setLdapTemplate(final LdapTemplate ldapTemplate) {
this.ldapTemplate = ldapTemplate;
}
public boolean authenticate(String userName, String password) {
AndFilter filter = new AndFilter();
filter.and(new EqualsFilter("objectclass", "person")).and(
new EqualsFilter("uid", userName));
return ldapTemplate.authenticate(DistinguishedName.EMPTY_PATH, filter
.toString(), password);
}
public User getUser(final String userName) {
AndFilter filter = new AndFilter();
filter.and(new EqualsFilter("objectclass", "person")).and(
new EqualsFilter("uid", userName));
List<User> users = ldapTemplate.search(DistinguishedName.EMPTY_PATH,
filter.encode(), new UserAttributesMapper());
if (!users.isEmpty()) {
return users.get(0);
}
return null;
}
public List<User> getUsers(final String pattern) {
AndFilter filter = new AndFilter();
filter.and(new EqualsFilter("objectclass", "person"));
if (pattern != null) {
filter.and(new LikeFilter("uid", pattern));
}
List<User> users = ldapTemplate.search(DistinguishedName.EMPTY_PATH,
filter.encode(), new UserAttributesMapper());
return users;
}
public User save(final User user) {
Name dn = buildDn(user);
ldapTemplate.bind(dn, null, buildAttributes(user));
// Update Groups
for (String group : user.getGroups()) {
try {
DistinguishedName groupDn = new DistinguishedName();
groupDn.add("ou", "Groups");
groupDn.add("cn", group);
DirContextOperations context = ldapTemplate
.lookupContext(groupDn);
context.addAttributeValue("memberUid", user.getUserName());
ldapTemplate.modifyAttributes(context);
} catch (Exception e) {
e.printStackTrace();
}
}
return user;
}
public User update(final User user) {
Name dn = buildDn(user);
ldapTemplate.rebind(dn, null, buildAttributes(user));
return user;
}
public void delete(User user) {
Name dn = buildDn(user);
ldapTemplate.unbind(dn);
}
private Name buildDn(final User user) {
DistinguishedName dn = new DistinguishedName();
dn.add("ou", "People");
if (user.getDepartment() != null) {
dn.add("ou", user.getDepartment());
}
dn.add("uid", user.getUserName());
return dn;
}
private Attributes buildAttributes(final User user) {
Attributes attrs = new BasicAttributes();
BasicAttribute ocattr = new BasicAttribute("objectclass");
ocattr.add("person");
ocattr.add("inetOrgPerson");
attrs.put(ocattr);
attrs.put("cn", user.getFirstName());
attrs.put("sn", user.getLastName());
attrs.put("userPassword", "{SHA}" + this.encrypt(user.getPassword()));
attrs.put("mail", user.getEmail());
return attrs;
}
private String encrypt(final String plaintext) {
MessageDigest md = null;
try {
md = MessageDigest.getInstance("SHA");
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e.getMessage());
}
try {
md.update(plaintext.getBytes("UTF-8"));
} catch (UnsupportedEncodingException e) {
throw new RuntimeException(e.getMessage());
}
byte raw[] = md.digest();
String hash = (new BASE64Encoder()).encode(raw);
return hash;
}
}
Util Classes
package com.javachap.utils;
import org.springframework.context.ApplicationContext;
/**
* The Application Utils
*
* @author Vijay Dendukuri
*/
public class AppUtils {
private static ApplicationContext applicationContext;
/**
* Return the application context.
*
* @return the application context
*/
public static ApplicationContext getApplicationContext() {
return (applicationContext);
}
/**
* Set the application context.
*
* @param context the application context to set.
*/
public static void setApplicationContext(final ApplicationContext context) {
applicationContext = context;
}
/**
* Returns the Bean given the bean name
* @param name bean name
* @return bean instance
*/
public static Object getBean(final String name) {
if(applicationContext == null) {
throw new IllegalArgumentException(
"ApplicationContext is not initialized");
}
return applicationContext.getBean(name);
}
}
package com.javachap.service;
import static com.javachap.utils.AppUtils.getBean;
/**
* Service Utilities, exposes the method to get the services
* @author Vijay Dendukuri
*/
public class ServiceUtils {
/**
* Gets Instance of UserService
* @return UserService Instance
*/
public static UserService getUserService(){
return (UserService)getBean("userService");
}
}
Test class
package com.javachap.service.impl;
import org.apache.log4j.BasicConfigurator;
import org.springframework.beans.factory.xml.XmlBeanDefinitionReader;
import org.springframework.context.support.GenericApplicationContext;
import org.springframework.core.io.ClassPathResource;
import com.javachap.domain.User;
import com.javachap.domain.impl.UserImpl;
import com.javachap.service.ServiceUtils;
import com.javachap.service.UserService;
import com.javachap.utils.AppUtils;
public class Test {
public static void main(String args[]) {
BasicConfigurator.configure();
GenericApplicationContext appContext = new GenericApplicationContext();
XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader(
appContext);
xmlReader.loadBeanDefinitions(new ClassPathResource(
"applicationContext.xml"));
appContext.refresh();
AppUtils.setApplicationContext(appContext);
UserService userService = ServiceUtils.getUserService();
// User Authenticate
boolean authenticated = userService.authenticate("user@javachap.com",
"javachap");
System.out.println("Authenticated: " + authenticated);
// User Save
User user = new UserImpl();
user.setUserName("javachap2");
user.setFirstName("java");
user.setLastName("chap");
user.setEmail("user2@javachap.com");
user.setPassword("chapjava");
user.setDepartment("Engineering");
user.setGroups(new String[] { "Admin", "HudsonAdmin", "WikiAdmin" });
userService.save(user);
// User Get
user = userService.getUser("javachap2");
System.out.println("User:" + user);
}
}
References
http://today.java.net/article/2006/04/14/ldaptemplate-ldap-programming-java-made-simple
Tagged as: ldap, spring, Top Menu
Leave a comment
Advertisement
Shared from Google Reader
No Google Reader feed was found with the provided ID. Please validate the ID in plug-in configuration.Recent Posts
- 6th Grader and iPhone Application Developer
- The 5 Biggest Ways to Boost MySQL Scalability
- Enumeration Mapping in Hibernate
- Java 7′s Fork/Join Framework
- Understanding Java Weak References
Recent Comments
- vicky on How to make VOIP calls on iPhone using MagicJack Connection and Siphon
- ravish on Vodafone India – GPRS for iPhone without Data Plan
- ravish on Vodafone India – GPRS for iPhone without Data Plan
- ravish on Vodafone India – GPRS for iPhone without Data Plan
- Sandeep on Vodafone India – GPRS for iPhone without Data Plan
Blogroll
Tags
centos
cloud
crud
cydia
database
datasource
debugging
dwr
eclipse
erd
ermaster
gprs
greatandhra
hibernate
humor
install
iPhone
iSip
ldap
Linux
magicJack
mediawiki
modelling
movie
mysql
online
openldap
permalinks
plugin
reference
rss
schema
seo
siphon
source
spring
storage
struts
theme
Top Menu
twitter
voip
wordpress
yahoo
yui
March 21st, 2010 - 11:14
AppUtils and ServiceUtils are missing. Can you pls add them as well.
Thanks
May 2nd, 2010 - 17:59
attach your LDIF file please. I’ve tried ur simple Spring LDAP project but i found some error. Thanx
October 5th, 2010 - 16:05
Thanks – I was writing something similar whilst new to a lot of things Spring, so this was a nice help.
October 20th, 2010 - 08:54
Thanks it is very helpful.
November 30th, 2010 - 13:47
hi
i unable to add password with
personAttributes.put(“userPassword”, “{SHA}” + this.encrypt(contactDTO.getPassword()));
it seem not a required attribute to save user password so that for authentication
i also try that
personAttributes.put(“unicodepwd”, this.createUnicodePassword(contactDTO.getPassword()) );
but given error code 53 can u please tell me the correct way to store user password so that he/she login