{"id":198,"date":"2007-01-26T16:22:00","date_gmt":"2007-01-26T16:22:00","guid":{"rendered":"https:\/\/ahm.basfinans.com\/index.php\/2007\/01\/26\/authenticating-users-with-windows-active-directory-from-java\/"},"modified":"2007-01-26T16:22:00","modified_gmt":"2007-01-26T16:22:00","slug":"authenticating-users-with-windows-active-directory-from-java","status":"publish","type":"post","link":"https:\/\/ahm.basfinans.com\/index.php\/2007\/01\/26\/authenticating-users-with-windows-active-directory-from-java\/","title":{"rendered":"Authenticating Users with Windows Active Directory from Java"},"content":{"rendered":"<p><b>Authenticating Users with Windows Active Directory from Java<\/b><\/p>\n<p>Here is a sample code that works with me:<\/p>\n<p><span><\/p>\n<p>\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/<\/p>\n<pre><br \/>import java.util.*;<br \/>import javax.naming.*;<br \/>import javax.naming.directory.*;<br \/><br \/>public class Main {<br \/><br \/> public static void main(String[] args) {<br \/><br \/> try {<br \/>    Hashtable env = new Hashtable();<br \/>    env.put(Context.INITIAL_CONTEXT_FACTORY,<br \/>             \"com.sun.jndi.ldap.LdapCtxFactory\");<br \/>    env.put(Context.PROVIDER_URL,<br \/>             \"LDAP:\/\/my.ldap.server:389\"); \/\/replace with your server URL\/IP<br \/>             \/\/only DIGEST-MD5 works with our Windows Active Directory<br \/>    env.put(Context.SECURITY_AUTHENTICATION,<br \/>             \"DIGEST-MD5\"); \/\/No other SALS worked with me<br \/>    env.put(Context.SECURITY_PRINCIPAL,<br \/>            \"user1\"); \/\/ specify the username ONLY to let Microsoft Happy<br \/>    env.put(Context.SECURITY_CREDENTIALS, \"secret1\");   \/\/the password<br \/><br \/>    DirContext ctx = new InitialDirContext(env);<br \/><br \/>    ctx.close();<br \/><br \/>  } catch(NamingException ne) {<br \/>    System.out.println(\"Error authenticating user:\");<br \/>    System.out.println(ne.getMessage());<br \/>    return;<br \/>}<br \/><br \/>  \/\/if no exception, the user is already authenticated.<br \/>  System.out.println(\"OK, successfully authenticating user\");<br \/>}<br \/><br \/>\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/<br \/><\/pre>\n<p>I stripped comments to make the blog shorter.<\/p>\n<p><b>Resources Helped Me:<\/b><\/p>\n<ul>\n<li><a href=\"http:\/\/www.codeproject.com\/dotnet\/arbauthentication.asp?select=1090431&amp;df=100&amp;forumid=32468\">Authentication against Active Directory and Edirectory via LDAP sample<\/a><\/li>\n<li><a href=\"http:\/\/www.ethereal.com\/\">Ethereal <\/a>to watch packets and know about the protocol and server URL\/IP.<\/li>\n<li><a href=\"http:\/\/www-unix.mcs.anl.gov\/~gawor\/ldap\/\">ldapbrowser<\/a>: I connected to our Microsoft Active Directory anonymously and know that DIGEST-MD5 SASL mechanism is supported.<\/li>\n<\/ul>\n<p><b>Notes:<\/b><\/p>\n<ol>\n<li>The RFC2829 &#8211; <a href=\"http:\/\/www.ietf.org\/rfc\/rfc2829.txt\">http:\/\/www.ietf.org\/rfc\/rfc2829.txt<\/a> &#8211; at section &#8220;6. Password-based authentication&#8221; states that supporting authentication with a password using the DIGEST-MD5 SASL mechanism is mandatory, so I am confident Microsoft will not drop its support.<\/li>\n<li>This is tested on JDK 1.5, I am sure it works on JRE1.5 and even may work with 1.4.<\/li>\n<\/ol>\n<p><\/span><\/p>\n<div>From ahm507.blogspot.com<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Authenticating Users with Windows Active Directory from Java Here is a sample code that works with me: \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ import java.util.*;import javax.naming.*;import javax.naming.directory.*;public class Main { public static void main(String[] args) { try { Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, &#8220;com.sun.jndi.ldap.LdapCtxFactory&#8221;); env.put(Context.PROVIDER_URL, &#8220;LDAP:\/\/my.ldap.server:389&#8221;); \/\/replace with your server URL\/IP \/\/only DIGEST-MD5 works with our Windows Active Directory [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,20],"tags":[],"_links":{"self":[{"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/posts\/198"}],"collection":[{"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/comments?post=198"}],"version-history":[{"count":0,"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/posts\/198\/revisions"}],"wp:attachment":[{"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/media?parent=198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/categories?post=198"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ahm.basfinans.com\/index.php\/wp-json\/wp\/v2\/tags?post=198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}