Using JAVA code with Active Directory

2008/05/01

in Identity and Access

I tend to run into many JAVA coded applications which are coded simply for LDAP access, but do not utilize Active Directory as well as they could be.  Here are some resources JAVA developers can utilize to create more effective integrations.

Fortunately, there is guidance from Steven Adler and other resources out there on how to write better JAVA applications for integration with Active Directory.  I have often referred to his posts when helping developers, but it makes sense to attempt to consolidate those links here for others.  If you are a JAVA developer, bookmark this page, as I intend to update it as I discover useful information.

I attempted to break them apart into sections to where I thought there were applicable, and summarize what each post’s intended solution was for.

Note 2010-12-10 -  Based upon web logs, this seems to be a very popular page, but since Oracle acquired Java some of these links have been changed. I have gone back and attempted to find the new links. All Sun links have now been corrected to Oracle links, but please post a comment if any links still do not work.

Authentication

  1. JNDI, Active Directory and Authentication (part 1) – Using the GSS-API with Kerberos for authenticating users utilizing JAAS
  2. JNDI, Active Directory & Authentication (part 2) – Using SSL or LDAPS
  3. JNDI, Active Directory & Authentication (part 3) – Using Digest-MD5
  4. JNDI, Active Directory and Authentication (Part 4) (SASL EXTERNAL) – using TLS/Certificates with the external SASL mechanism
  5. JNDI, Active Directory and Authentication (part 5) – Using the Server Fast Bind Control for authentication.
  6. JNDI, Active Directory (Creating new users & demystifying userAccountControl) – Creating new users in Active Directory
  7. Step by step instructions for LDAP SSL

Authorization

  1. JAVA of the PAC – Using the Kerberos PAC for Authorization with JAVA

Directory Operations (Connect,Search)

  1. JNDI, Active Directory & Persistent Searches (part 1) – Utilizing the DirSync Control
  2. JNDI, Active Directory and Persistent Searches (part 2)
  3. JNDI, Active Directory, Paging and Range Retrieval – Effective use of paging to conform to the 1000 MaxPageSize Query Policy
  4. JNDI, Active Directory and objectGUID’s – Searching and displaying the objectGuid value
  5. JNDI, Active Directory and SID’s (Security Identifiers) – Searching and displaying the objectSid value in both friendly string, and binary format
  6. JNDI, Active Directory and LDAP Extended Controls (LDAP Stats, Verify Name)
  7. Querying deleted objects container in Active Directory using JNDI
  8. JNDI, Active Directory, Attribute Scoped Queries
  9. JNDI, Active Directory, Referrals and Global Catalog – Also useful information on using SRV DNS records for services discovery

Managing Objects

  1. JNDI, Active Directory & Changing Passwords
  2. JNDI, Active Directory and User Account status (account expired, locked)
  3. JNDI, Active Directory, Extending the schema
  4. Creating MailBox-enabled Users In Active Directory Using JNDI
  5. JNDI, Active Directory and Group Memberships – Retrieving group membership information

Other related resources for JAVA:

Technorati Tags: ,,

Related posts:

14 comments
  Livefyre
Newest | Oldest
Khan Fahad
Khan Fahad

These links are not working now. Can you please update these links.

Thanks,
Baber

Jef
Jef

Khan,

I went back and found all the new Oracle links to the posts since they purchased Java. All the previous links should now work.

Thanks for letting me know so that I could fix it.

Jef

Jef
Jef

Khan,

Jef
Jef

Sure I will research and update links this week

Ramesh
Ramesh

Hai Troy,

Could u pls try the "Unix path separator" .. "/" instead of Windows Path separator (""). or use double as a path separator

Troy Richard
Troy Richard

This code has been extremely helpful. However I'm having an issue with the changing of the password section. I have added this for the trustStore stuff. String keystore = "C:Program FilesIBMSDPjdkjrelibsecuritycacerts"; System.setProperty("javax.net.ssl.trustStore", keystore);However when I connect now I get a socket exception at the tls.negotiate(); line.Any ideas what might be causing this or how I can get more detail on the error?

kaushik
kaushik

User gets authenticated using LDAP, then thru GSS he needs to access(read) the data across other domains without re-authentications on a kerberos server. Please provide a java code for drawing a resolution on this. Urgently needed

kaushik
kaushik

User gets authenticated using LDAP, then thru GSS he needs to access(read) the data across other domains without re-authentications on a kerberos server. Please provide a java code for drawing a resolution on this. Urgently needed

chandan
chandan

can some one tell me the code,on how to search an user in Active Directory using Java code

ricky
ricky

Interesting post, it helps me in my research, thanks!

Java et Active Direc
Java et Active Direc

RE: Using JAVA code with Active Directory
Si vous êtes développeur JAVA et que la tache incongrue de vous interfacer avec Active Directory vous

Java et Active Direc
Java et Active Direc

RE: Using JAVA code with Active Directory

Si vous êtes développeur JAVA et que la tache incongrue de vous interfacer avec Active Directory vous

Trackbacks

  1. WorkPapers Software, Java, Google Web Toolkit, and DCMA- Kirt Cathey, NH2GX, JG1FXZ says:
    2010/03/24 at 2:35 am

    [...] I have been looking into developing domain analysis tools (especially AD) with Java and came by this link that outlines all the resources from Sun Oracle that outline how to use the JNDI framework for AD [...]

  2. xmpp single sign on sso says:
    2011/04/15 at 10:50 am

    [...] and found this useful information: OTN Discussion Forums : JNDI, Active Directory and … Using JAVA code with Active Directory – JefTek.com OpenLDAP, Java LDAP OpenLDAP, JDBC-LDAP Bridge Driver I have never used this before so other than [...]