通过LDAP初步理解JNDI

Posted on by No Comments ↓

LDAP与JNDI模型对比
jndi-ldap-model

1、LdapBinder
这个类的主要功能是,把消息放到一个预设的LDAP路径

package com.neohope.jndi.test;
 
import javax.naming.Binding;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import java.util.Hashtable;
 
/**
 * Created by Hansen
 */
public class LdapBinder {
 
    public static void main(String[] args) {
        try {
            final Hashtable jndiProperties = new Hashtable();
            jndiProperties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.fscontext.RefFSContextFactory");
            jndiProperties.put(Context.PROVIDER_URL, "file:///d:/Downloads/ldap");
            //jndiProperties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            //jndiProperties.put(Context.PROVIDER_URL, "ldap://localhost:389");
            //jndiProperties.put(Context.SECURITY_PRINCIPAL,"cn=Directory Manager");
            //jndiProperties.put(Context.SECURITY_CREDENTIALS,"password");
 
            DirContext ctx = new InitialDirContext(jndiProperties);
            NeoLdapMsgRef msgRef = new NeoLdapMsgRef("Ldap Text");
            ctx.bind("cn=anobject", msgRef);
            //ctx.unbind("cn=anobject");
 
            /*
            NamingEnumeration list = ctx.list("/");
            while (list.hasMore()) {
                NameClassPair nc = (NameClassPair) list.next();
                System.out.println(nc);
            }
            */
 
            NamingEnumeration list = ctx.listBindings("/");
            while (list.hasMore()) {
                Binding binding = (Binding)list.next();
                System.out.println(binding.getName() + " " +binding.getObject()
                );
            }
 
            ctx.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

2、LdapReader
这个类的主要功能是,从预设的LDAP路径读取消息

package com.neohope.jndi.test;
 
import javax.naming.Context;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import java.util.Hashtable;
 
/**
 * Created by Hansen
 */
public class LdapReader {
 
    public static void main(String[] args) {
        try {
            final Hashtable jndiProperties = new Hashtable();
            jndiProperties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.fscontext.RefFSContextFactory");
            jndiProperties.put(Context.PROVIDER_URL, "file:///d:/Downloads/ldap");
 
            //jndiProperties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            //jndiProperties.put(Context.PROVIDER_URL, "ldap://localhost:389");
            //jndiProperties.put(Context.SECURITY_PRINCIPAL,"cn=Directory Manager");
            //jndiProperties.put(Context.SECURITY_CREDENTIALS,"password");
 
            DirContext ctx = new InitialDirContext(jndiProperties);
            NeoLdapMsgRef msgRef = (NeoLdapMsgRef)ctx.lookup("cn=anobject");
            ctx.close();
 
            System.out.println(msgRef.message);
 
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

3、LdapMonitor
这个类的主要功能是,监视LDAP路径下内容变动

package com.neohope.jndi.test;
 
import javax.naming.Context;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.event.*;
import javax.naming.ldap.UnsolicitedNotificationEvent;
import javax.naming.ldap.UnsolicitedNotificationListener;
import java.util.Hashtable;
 
/**
 * Created by Hansen
 * 条件所限,没有进行测试
 */
public class LdapMonitor {
 
    public static void main(String[] args) {
        try {
            final Hashtable jndiProperties = new Hashtable();
            jndiProperties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            jndiProperties.put(Context.PROVIDER_URL, "ldap://localhost:389");
            jndiProperties.put(Context.SECURITY_PRINCIPAL,"cn=Manager");
            jndiProperties.put(Context.SECURITY_CREDENTIALS,"password");
 
            DirContext ctx = new InitialDirContext(jndiProperties);
            EventDirContext enentCtx=(EventDirContext)(ctx.lookup("/"));
 
            NamingListener unsolListener = new UnsolicitedNotificationListener() {
                public void notificationReceived(UnsolicitedNotificationEvent evt) {
                    System.out.println("received: " + evt + ",notification:" + evt.getNotification());
                }
 
                public void namingExceptionThrown(NamingExceptionEvent evt) {
                    System.out.println(">>> UnsolListener got an exception");
                    evt.getException().printStackTrace();
                }
            };
 
            NamingListener namespaceListener = new NamespaceChangeListener() {
                public void objectAdded(NamingEvent evt) {
                    System.out.println("objectAdded: " + evt.getOldBinding() + "\n=> " + evt.getNewBinding());
                    System.out.println("\tchangeInfo: " + evt.getChangeInfo());
                }
 
                public void objectRemoved(NamingEvent evt) {
                    System.out.println("objectRemoved: " + evt.getOldBinding() + "\n=> " + evt.getNewBinding());
                    System.out.println("\tchangeInfo: " + evt.getChangeInfo());
                }
 
                public void objectRenamed(NamingEvent evt) {
                    System.out.println("objectRenamed: " + evt.getOldBinding() + "\n=> " + evt.getNewBinding());
                    System.out.println("\tchangeInfo: " + evt.getChangeInfo());
                }
 
                public void namingExceptionThrown(NamingExceptionEvent evt) {
                    System.err.println(">>>NamespaceChangeListener Exception");
                    evt.getException().printStackTrace();
                }
            };
 
            NamingListener objectListener = new ObjectChangeListener() {
                public void objectChanged(NamingEvent evt) {
                    System.out.println("objectChanged: " + evt.getOldBinding() + "\n\t=> " + evt.getNewBinding());
                    System.out.println("\tchangeInfo: " + evt.getChangeInfo());
                }
 
                public void namingExceptionThrown(NamingExceptionEvent evt) {
                    System.err.println(">>>ObjectChangeListener Exception");
                    evt.getException().printStackTrace();
                }
            };
 
            enentCtx.addNamingListener("", EventContext.SUBTREE_SCOPE, unsolListener);
            enentCtx.addNamingListener("", EventContext.SUBTREE_SCOPE, namespaceListener);
            enentCtx.addNamingListener("", EventContext.SUBTREE_SCOPE, objectListener);
 
            System.in.read();
 
            //enentCtx.close();
            ctx.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

4、NeoLdapMsgRef

package com.neohope.jndi.test;
 
import javax.naming.NamingException;
import javax.naming.Reference;
import javax.naming.Referenceable;
import javax.naming.StringRefAddr;
 
/**
 * Created by Hansen
 */
public class NeoLdapMsgRef implements Referenceable {
    public String message = "";
 
    public NeoLdapMsgRef(String message)
    {
        this.message = message;
    }
 
    @Override
    public Reference getReference() throws NamingException {
        Reference ref = new Reference(this.getClass().getName(), NeoLdapMsgRefFactory.class.getName(), null);
        ref.add(new StringRefAddr("msg", message));
        return ref;
    }
}

5、NeoLdapMsgRefFactory

package com.neohope.jndi.test;
 
import javax.naming.*;
import javax.naming.spi.ObjectFactory;
import java.util.Hashtable;
 
/**
 * Created by Hansen
 */
public class NeoLdapMsgRefFactory implements ObjectFactory {
    @Override
    public Object getObjectInstance(Object obj, Name name, Context nameCtx, Hashtable<?, ?> environment) throws Exception {
        if (obj instanceof Reference) {
            Reference ref = (Reference) obj;
            String msg = (String) ref.get("msg").getContent();
            NeoLdapMsgRef msgRef = new NeoLdapMsgRef(msg);
            return msgRef;
        }
        else {
            return null;
        }
    }
}

LADP常用函数

LADP操作 解释 JNDI函数
Search Search directory for matching directory entries DirContext.search()
Compare Compare directory entry to a set of attributes DirContext.search()
Add Add a new directory entry DirContext.bind(), DirContext.createSubcontext()
Modify Modify a particular directory entry DirContext.modifyAttributes()
Delete Delete a particular directory entry Context.unbind(), Context.destroySubcontext()
Rename Rename or modify the DN Context.rename()
Bind Start a session with an LDAP server new InitialDirContext()
Unbind End a session with an LDAP server Context.close()
Abandon Abandon an operation previously sent to the server Context.close(), NamingEnumneration.close()
Extended Extended operations command LdapContext.extendedOperation()

LADP查询常用符号

o Organization
ou Organizational unit
cn Common name
sn Surname
givenname First name
uid Userid
dn Distinguished name
mail Email address

LADP查询常用操作符

符号 含义 示例 匹配示例
~ Approximate (sn~=Tyagi) Tyagi or variations in spelling
= Equality (sn=Tyagi) Surname of Tyagi only
> Greater than (sn=Tyagi) Any surname that alphabetically follows Tyagi
>= Greater than or equal to (sn>=Tyagi) Any surname that includes or alphabetically follows Tyagi
< Less than (sn Any surname that alphabetically precedes Tyagi
<= Less than or equal to (sn<=Tyagi) Any surname that includes or alphabetically precedes Tyagi
=* Presence (sn=*) All surnames (all entries with the sn attribute)
Substring (sn=Tya*), (sn=*yag*), (sn=Ty*g*) Any matching string, substring, or superstring that matches Tyagi
& And (&(sn=Tyagi) (cn=Sameer Tyagi)) Any entry that matches both surname of Tyagi and a common name of Sameer Tyagi
| Or (|(sn=Tyagi) (cn=Sameer Tyagi)) Any entry that matches either surname of Tyagi or a common name of Sameer Tyagi
! Not (!(sn=Tyagi)) Any entry other than that with a surname of Tyagi

Leave a Reply

Your email address will not be published. Required fields are marked *

*