2015-06-10
0

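Search and add LDAP entries using JSP/JNDI

I am trying to add an LDAP entry using JSP/JNDI. The code is very rough, I am still learning, so if you have any suggestions, please tell me. The SEARCH part works fine. The ADDENTRY part does not. It tells me: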

" An exception occurred: [LDAP: error code 50 - The entry cn=m,o=Rubrica,dc=example,dc=com cannot be added due to insufficient access rights] " 

This is my code:

<%@page import="javax.naming.NamingEnumeration"%> 
<%@page contentType="text/html" pageEncoding="UTF-8"%>  
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 
<%@page import="java.util.*" %> 
<%@page import="javax.naming.ldap.*" %> 
<%@page import="javax.naming.directory.*"%> 
<%@page import="javax.naming.directory.InitialDirContext"%> 
<%@page import="javax.naming.directory.DirContext"%> 
<%@page import="javax.naming.Context" %> 
<%@page import="javax.naming.InitialContext" %> 
<%@page import="javax.naming.NamingException" %> 


<html> 
<head> 
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
    <title>JSP Page</title> 
</head> 
<body> 
    <h2>Rubrica</h2> 



    <!-- SEARCH ENTRY --> 



    <br> 
    <h3>Search:</h3> 
    <form action="" method="post"> 
     Search Entry: <input type="text" name="search"><br> 
    <input type="submit" value="search"> 
    </form> 
    <br><br> 

    <% 

    //CREATING AN INITIAL CONTEXT for search function: 
    //context = objects whose state is a set of bindings (=ldap entries), that have distinct atomic names. 
    //The Hashtable class represents the environments properties parameters    
     Hashtable env = new Hashtable(); 
     env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); 
     env.put(Context.PROVIDER_URL, "ldap://localhost:1389/o=Rubrica,dc=example,dc=com"); 
     DirContext ctx = new InitialDirContext(env); 
     env.put(Context.SECURITY_PRINCIPAL,"cn=Directory Manager,dc=example,dc=com"); 
     env.put(Context.SECURITY_CREDENTIALS,"secret"); 



    String searchName = (String)request.getParameter("search"); 

    try{ 
     request.getParameter("search"); 
     Attributes attrs = ctx.getAttributes("cn = " + searchName); 
     out.println(attrs.get("cn").get()+": ");    
     out.println(attrs.get("telephonenumber").get()); 
    } 
    catch (Exception e){ 
     out.println("An exception occurred: " + e.getMessage()); 
    }   
    %> 


    <br><br>------------------------------------<br><br> 



    <!-- ADD ENTRY --> 


    <br> 
    <h3>Add Entry:</h3> 
    <form action="" method="post"> 
     Add Entry:<br><br> 
     Full Name: <input type="text" name="addcn"><br> 
     Surname:  <input type="text" name="surname"><br> 
     PhoneNumber: <input type="text" name="pn"><br> 
    <input type="submit" value="addEntry"> 
    </form> 
    <br><br> 

    <%    

    String addcn = (String)request.getParameter("addcn"); 
    String surname = (String)request.getParameter("surname"); 
    String pn = (String)request.getParameter("pn"); 

    try{ 
     //Create new set of attributes 
     BasicAttributes attrs1 = new BasicAttributes(); 
     //(The item is a person) 
     Attribute classes = new BasicAttribute("objectClass"); 
     classes.add("top"); 
     classes.add("person"); 
// classes.add("organizationalPerson"); 
     // Add the objectClass attribute to the attribute set 
      attrs1.put(classes); 
     // Store the other attributes in the attribute set 
      attrs1.put("sn", surname); 
      attrs1.put("telephonenumber", pn); 
     // Add the new entry to the directory server 

      ctx.createSubcontext("ldap://localhost:1389/cn="+addcn+",o=Rubrica,dc=example,dc=com", attrs1);  
     } 
     catch (Exception e){ 
      out.println("An exception occurred: " + e.getMessage()); 
    }    
    %> 

</body> 
</html> 

I added the "Remove Entry" part:

<h3>Remove Entry:</h3> 
    <form method="post"> 
     Insert Entry To Remove: <input type="text" name="delUser"><br> 
    <input type="submit" value="Remove"> 
    </form><br><br> 



    <% 
    String delUser = (String)request.getParameter("delUser"); 
    try 
    { 
     ctx.destroySubcontext("cn="+delUser); 
     } 
     catch (Exception e){ 
      out.println("An exception occurred: " + e.getMessage()); 
     } 
    %> 

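and the page gives me the same authorization error. P.S. I am using LDAP + SASL on my machine. Maybe that could be the problem.

[SOLVED] The problem was that the order of the instructions that create the context was incorrect. In the code above, I was authenticating anonymously. The correct sequence of operations follows: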

     // Set every property, including the credentials, before creating the context
     env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); 
     env.put(Context.PROVIDER_URL, "ldap://localhost:1389/o=Rubrica,dc=example,dc=com"); 

     env.put(Context.SECURITY_AUTHENTICATION, "simple"); 

     env.put(Context.SECURITY_PRINCIPAL,"cn=Directory Manager"); 
     env.put(Context.SECURITY_CREDENTIALS,"secret"); 

     DirContext ctx = new InitialDirContext(env); 

Answer

0

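From your error, it seems that you do not have access rights to add entries at the level of the tree hierarchy where you are trying to add the entry. Do one of the following:

  1. Add the entry using the admin user.
  2. Try adding the entry in a part of the hierarchy where you have permission to add entries.
  3. Grant the rights to the user you are using to add the entry.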
+0

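Thanks; the admin user is the same one I use to add entries with OpenDJ, and the credentials match. I checked the hierarchy, and that looks correct too. About the 3rd.. how do I get the rights for the user? – MdC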

+0

I think there is a problem with the user base. Look at the hierarchy of SECURITY_PRINCIPAL and PROVIDER_URL. Can you reduce either one or both hierarchies to "dc = com"? –

+0

To solve this problem, the line "DirContext ctx = new InitialDirContext(env);" goes after SECURITY_PRINCIPAL and PWD, but it still causes an exception. – MdC