| | |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2011 ForgeRock AS |
|---|
| | | ! Copyright 2011-2012 ForgeRock AS |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <chapter xml:id='chap-authenticating' |
|---|
| | |
|---|
| | | <literal>uid=bjensen,ou=People,dc=example,dc=com</literal> with the |
|---|
| | | password <literal>hifalutin</literal>. An example is provided with the |
|---|
| | | OpenDJ LDAP SDK examples in |
|---|
| | | <filename>org.forgerock.opendj.examples.simpleauth.Main.java</filename>.</para> |
|---|
| | | <filename>org.forgerock.opendj.examples.SimpleAuth.java</filename>.</para> |
|---|
| | | |
|---|
| | | <para>The directory stores the password value used for simple authentication |
|---|
| | | in binary form on the <literal>userPassword</literal> attribute of the entry. |
|---|
| | |
|---|
| | | the directory determines authorization for operations on the connection |
|---|
| | | based on the users identity.</para> |
|---|
| | | |
|---|
| | | <programlisting language="java"> /** |
|---|
| | | <programlisting language="java"> |
|---|
| | | /** |
|---|
| | | * Authenticate over LDAP. |
|---|
| | | */ |
|---|
| | | private static void connect() |
|---|
| | |
|---|
| | | set up a trust manager that trusts all certificates.</para> |
|---|
| | | |
|---|
| | | <para>The following example is an excerpt from the OpenDJ LDAP SDK example, |
|---|
| | | <filename>org.forgerock.opendj.examples.simpleauth.Main.java</filename>.</para> |
|---|
| | | <filename>org.forgerock.opendj.examples.SimpleAuth.java</filename>.</para> |
|---|
| | | |
|---|
| | | <programlisting language="java"> private static LDAPOptions getTrustAllOptions() |
|---|
| | | <programlisting language="java"> |
|---|
| | | private static LDAPOptions getTrustAllOptions() |
|---|
| | | throws GeneralSecurityException |
|---|
| | | { |
|---|
| | | LDAPOptions lo = new LDAPOptions(); |
|---|
| | |
|---|
| | | to the LDAP connection factory, and that you handle the potential security |
|---|
| | | exception involved in setting up the SSL context.</para> |
|---|
| | | |
|---|
| | | <programlisting language="java"> /** |
|---|
| | | <programlisting language="java"> |
|---|
| | | /** |
|---|
| | | * Perform authentication over a secure connection, trusting all server |
|---|
| | | * certificates. |
|---|
| | | */ |
|---|
| | |
|---|
| | | ID as the authorization ID that identifies the user who performs operations. |
|---|
| | | The SASL PLAIN mechanism itself does not secure the connection, so the |
|---|
| | | example uses StartTLS. The example is provided with the OpenDJ LDAP SDK |
|---|
| | | examples in |
|---|
| | | <filename>org.forgerock.opendj.examples.saslauth.Main.java</filename>. |
|---|
| | | examples in <filename>org.forgerock.opendj.examples.SASLAuth.java</filename>. |
|---|
| | | The following excerpt shows the core of the bind process.</para> |
|---|
| | | |
|---|
| | | <programlisting language="java">try |
|---|
| | | <programlisting language="java"> |
|---|
| | | try |
|---|
| | | { |
|---|
| | | final LDAPConnectionFactory factory = |
|---|
| | | new LDAPConnectionFactory(host, port, getTrustAllOptions()); |
|---|
