1

Currently, I'm using user and password as the connection credentials to ldap (in order to search on this AD).

My code looks like:

env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, ...);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, ...);
env.put(Context.SECURITY_CREDENTIALS, ...);
env.put("com.sun.jndi.ldap.connect.timeout", ...);

try {
  ctx = new InitialLdapContext(env, null);
}
catch (NamingException e) {
    System.out.println("error")
}

I want to change this code, so it will not use user+password as the credentials against the LDAP. I want it to authenticate using NTLM.

How can I do it? Can you provide an example?

Stijn Geukens
  • 15,454
  • 8
  • 66
  • 101
Matan
  • 680
  • 2
  • 14
  • 24

2 Answers2

2

https://sourceforge.net/projects/javaldapntlmbind/

The solution uses UnboundID Java LDAP SDK and for the NTLM Handling, it uses samba.org's JCIF Java library. Due to using JCIF, it is platform independent and does not need to be run on Windows.

Alex
  • 191
  • 1
  • 7
0

No chance, JGSS does not support NTLM as SASL mechanism. Use Kerberos (GSS-API) with SASL.

Michael-O
  • 18,123
  • 6
  • 55
  • 121
  • Tried it with no luck. Can you please answer my question at: http://stackoverflow.com/questions/12025998/javax-naming-authenticationexception ? Thanks! – Matan Aug 19 '12 at 11:54
  • There is no need to ask the same thing twice! I am not going to switch betwwen these to question. – Michael-O Aug 19 '12 at 12:25