3 Replies Latest reply on Dec 9, 2008 9:14 PM by Eduardo Castillo

    How to pull user information from ldap

    Roger Hsu Newbie

      I have a SEAM web project and I am able to authenticate against the ldap. However, I cannot find a way (or code example) to pull user information (such as first name, last name, and email address) out of the ldap. Can anyone help?


      What I have done:
      1) An application policy for LDAP in login-config.xml
      2) A security domain for LDAP in jboss-web.xml
      3) Implement authenticate() in Authenticator.java   



      public boolean authenticate()
          {
              //write your authentication logic here,
              //return true if the authentication was
              //successful, false otherwise
              SimplePrincipal user = new SimplePrincipal(identity.getCredentials().getUsername()); 
              SecurityAssociationHandler handler = new SecurityAssociationHandler();
              handler.setSecurityInfo(user, identity.getCredentials().getPassword()); 
              try{
                  LoginContext lc = new LoginContext("testLDAP", handler);
                  lc.login();
              }catch(Exception e){
                   log.error("authenticating #0", e.getMessage());
                   return false;
              }
              identity.addRole("admin");
              return true;
          }


        • 1. Re: How to pull user information from ldap
          Chuanbao Lu Newbie

          Hi, Please refer to this tutorial:  http://java.sun.com/docs/books/tutorial/jndi/ldap/index.html


          I have a piece of code that might help you


          public List search(String filter, String rootDn) throws RegistryException {
                    List persons = new ArrayList();
                    LdapContext ctx = null;
                    try
                    {
                         if (StringUtils.isNotEmpty(filter))
                         {
                              ctx = new InitialLdapContext(getContextEnv(adminDn, adminPassword), null);
                              String[] attrIDs = {"uid", "cn"};
                              SearchControls ctls = new SearchControls();
                              ctls.setReturningAttributes(attrIDs);
                              ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                              
                              NamingEnumeration results = ctx.search(rootDn, filter, ctls);
                              SearchResult result = null;
                              String dn = null;
                              while (results.hasMore()) {
                                   result = (SearchResult) results.next();
                                   dn = result.getName() + "," + rootDn;
                                   persons.add(getPersonByDn(dn));
                              }
                         }
                    }
                    catch (NameNotFoundException e) {
                         if (e.getExplanation().indexOf("LDAP: error code 32 - No Such Object") > -1) {
                              log.debug("No result found searched by filter[" + filter + "]");
                         }
                    }
                    catch (NamingException e)
                    {
                         StringBuffer msg = new StringBuffer("Failed to search by filter[");
                         msg.append(filter);
                         msg.append("]. ");
                         msg.append(e.getExplanation());
                         log.error(msg, e);
                         throw new IrrecoverableRegistryException(msg.toString());
                    }
                    finally
                    {
                         try { if (ctx != null) ctx.close(); } catch(NamingException e) { log.warn("Failed to close LDAP context["+ctx+"]."); }
                    }
                    
                    return persons;
               }
          

          • 2. Re: How to pull user information from ldap
            Roger Hsu Newbie

            Thanks. I am able to get it done now!

            • 3. Re: How to pull user information from ldap
              Eduardo Castillo Newbie

              Hi Roger,


              Can you share the source-code that you wrote to authenticate against the ldap?


              Thanks,
              Eduardo