0

I want to authenticate a user against a VDS (virtual directory server) using Java.

  • How is VDS different from LDAP? Or does VDS also work on the LDAP protocol?

Please help with any sample Java code for authentication against VDS.

Sample code to authenticate against LDAP is below:

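import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapAuth {
    static boolean authenticate() {
        String userName = "John P R-Asst General Manager";
        String passWord = "asdfgh123";
        String base = "OU=SOU,DC=example,DC=com";
        String dn = "cn=" + userName + "," + base;

        // Note: a simple bind over ldap:// (port 389) sends the password unencrypted
        String ldapURL = "ldap://mdsdc3.example.com:389";
        Hashtable<String, String> authEnv = new Hashtable<>();
        authEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        authEnv.put(Context.PROVIDER_URL, ldapURL);
        authEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
        authEnv.put(Context.SECURITY_PRINCIPAL, dn);
        authEnv.put(Context.SECURITY_CREDENTIALS, passWord);

        try {
            // A successful bind means the server accepted the credentials
            DirContext authContext = new InitialDirContext(authEnv);
            authContext.close();
            return true;
        } catch (NamingException namEx) {
            return false;
        }
    }
}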

To authenticate against VDS, is a complete DN required? As per experts, only the username and password need to be sent to VDS; it will automatically find the DN and do the authentication. I will be thankful if anyone can provide nice reference material regarding LDAP and VDS.

Konamiman
  • 49,681
  • 17
  • 108
  • 138
user3402264
  • 1
  • 1
  • 2
  • Are you asking what the differences are between the authentication systems (in which case you are better off at a different site, perhaps Server Fault)? Or do you know what you are trying to do but can't make the java code work (in which case, you need the nonworking code and a java tag)? – JenB Oct 28 '15 at 11:21
  • Please clarify your question. – Rohit Gupta Oct 28 '15 at 11:39
  • Improved code formatting – Konamiman Oct 30 '15 at 11:44

1 Answer

0

A virtual directory server is a type of server that provides a unified view of identities regardless of how they are stored. (Or you may prefer Wikipedia's definition: "a software layer that delivers a single access point for identity management applications and service platforms".)

LDAP is a protocol (hence the "P") for communicating with directory servers.

There isn't a necessary link between LDAP and a VDS, but it is likely that a VDS provides an LDAP interface and, potentially, other programmatic interfaces (Kerberos in particular comes to mind). The details of how you communicate with the VDS are going to be dependent on the configuration you are trying to talk to, but LDAP is a good bet.

Regarding needing a full DN, you don't even need a full DN to authenticate against plain Active Directory. The more usual mode would be to supply something like DOMAIN\username (using the sAMAccountName) or username@dc.example.com (that is, the user principal name) as the SECURITY_PRINCIPAL. In your example, the user would need to type John P R-Asst General Manager rather than anything they are likely to regard as their "user name."

You do, however, need to work out what the VDS you are trying to communicate with requires as the user name. Does it need DOMAIN\username, something else? These are details that whoever runs the VDS you are communicating with should be able to provide you.

In code, you should wind up with something like this (assuming you can use LDAP):

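import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class VdsAuth {
    static boolean authenticate() {
        // The backslash must be escaped inside a Java string literal
        String userName = "DOMAIN\\johnp";
        String passWord = "asdfgh123";

        String ldapURL = "ldaps://vds.example.com";
        Hashtable<String, String> authEnv = new Hashtable<>();
        authEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        authEnv.put(Context.PROVIDER_URL, ldapURL);
        authEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
        authEnv.put(Context.SECURITY_PRINCIPAL, userName);
        authEnv.put(Context.SECURITY_CREDENTIALS, passWord);

        try {
            // A successful bind means the server accepted the credentials
            DirContext authContext = new InitialDirContext(authEnv);
            authContext.close();
            return true;
        } catch (NamingException namEx) {
            return false;
        }
    }
}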
ig0774
  • 39,669
  • 3
  • 55
  • 57
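
An added example, not part of the answer above and not code from any VDS product: if the LDAP interface you talk to does require a full DN, a common pattern is to resolve the DN from the login name with a service account and then bind as that DN. The service-account credentials (`svcDn`, `svcPassword`), the search base, the class name and the use of `sAMAccountName` as the login attribute are assumptions to replace with what the VDS administrators tell you.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class VdsAuthenticator {
    // Assumed values: replace with what the VDS administrators provide.
    private static final String URL = "ldaps://vds.example.com";
    private static final String BASE = "DC=example,DC=com";

    private static DirContext bind(String principal, String secret) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, secret);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // milliseconds
        return new InitialDirContext(env);
    }

    // Returns false for bad credentials; outages and misconfiguration surface as NamingException.
    public static boolean authenticate(String svcDn, String svcPassword,
                                       String login, String password) throws NamingException {
        // An empty password makes a simple bind an unauthenticated bind, which many servers accept.
        if (login == null || login.isEmpty() || password == null || password.isEmpty()) return false;
        DirContext svc = bind(svcDn, svcPassword);
        String userDn;
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            sc.setCountLimit(2); // enough to detect an ambiguous login name
            // {0} is substituted with filter metacharacters escaped, so login cannot alter the filter.
            NamingEnumeration<SearchResult> hits =
                svc.search(BASE, "(sAMAccountName={0})", new Object[] { login }, sc);
            if (!hits.hasMore()) return false;  // unknown user
            userDn = hits.next().getNameInNamespace();
            if (hits.hasMore()) return false;   // more than one match: refuse to guess
        } finally {
            svc.close();
        }
        try {
            bind(userDn, password).close();     // the bind itself is the password check
            return true;
        } catch (AuthenticationException e) {
            return false;                       // credentials rejected by the server
        }
    }
}
```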