Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I just check if a given username exists?

Tags:

java

ldap

I have an application that uses both LDAP and simple database authentication to log users in. Only if the user does not exists in the LDAP context, the application checks if he exists in the database. So I need a way to check if the users exists in LDAP, without knowing the password. I mention that usernames are unique.

I use this code, which works if I have a correct username and password. If the password OR the username are wrong, I get an exception. It would be ideal if I could get different exceptions, one if the username does not exist, other if the password provided is wrong.

    String username = "test";
    String password = "pass";
    Hashtable<String, String> environment = new Hashtable<String, String>();
    environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    environment.put(Context.PROVIDER_URL, "ldap://server.example.com:389");
    environment.put(Context.SECURITY_AUTHENTICATION, "simple");
    String user = username + "@example.com";
    environment.put(Context.SECURITY_PRINCIPAL, user ); 
    environment.put(Context.SECURITY_CREDENTIALS, password);
    try
    {
        DirContext context = new InitialDirContext(environment);

        String searchBase = "DC=server,DC=example,DC=COM";
        String FILTER = "(&(objectClass=user)(objectCategory=person)((sAMAccountName=" + username + ")))";
        SearchControls ctls = new SearchControls();
        ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration<SearchResult> answer = context.search(searchBase, FILTER, ctls);
        SearchResult result = answer.next();
        Attribute email = result.getAttributes().get("mail");
        Attribute cn = result.getAttributes().get("cn");
        System.out.println(cn + " : " + email);
        context.close();
    }
    catch (AuthenticationException a)
    {
        Logger.getLogger().info("Authentication failed: " + a.getExplanation());

    }
    catch (NamingException e)
    {
        Logger.getLogger().info("Failed to bind to LDAP: " + e.getExplanation());
    }
like image 394
radonys Avatar asked Oct 24 '22 23:10

radonys

1 Answers

You're searching for a user in the LDAP, using only his user name. But to authenticate to the LDAP, you're using the searched user name and his password.

Just use another (admin) user and password to authenticate, and return true if the search for the user returns something.

like image 91
JB Nizet Avatar answered Oct 31 '22 14:10

JB Nizet
Sign in to Comment

Related questions

Capture high-resolution image snapshots from webcam, in Java
Unique Identifier for certificate Issuer (X509Name)
How to eliminate auto-generated namespace prefix in elements/attributes using JAXB marshalling
How to hint type inference when using static imports?
Design a Plugin based java application
Working with Recursion and Generic Interfaces
Is there a way to expand a JFileChooser directory without a mouse
How do I run a Fast Scala Compiler remote server?
Gurobi and java and empty solution
What is lock reentrance in java used for? [duplicate]
Spring MVC How to provide injectable for controller method
Java performance timing library [closed]
Exception during screen rotation: Parcel: Class not found when unmarshalling: androidx.fragment.app.FragmentManagerState
H2 Console Cant see tables created by JAVA
Empty if-statements [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!