I do have a web-application, where users must log in. The password is stored in a LDAP server. All information about the LDAP server are stored in the application server (glassfish) as external jndi resource. So my application does no know anything about the LDAP server and only gets a LdapContext like this:
@Resource(name = "ldap/users")
private LdapContext ctx;
With this context it is easy to change or read the information stored for the users, but how do i check their passwords? Normally i would joust do a new connection to check a users password. Like this:
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=S. User, ou=NewHires, o=JNDITutorial");
env.put(Context.SECURITY_CREDENTIALS, "mysecret");
DirContext ctx = new InitialDirContext(env);
But since i don't know the this parameters i can't do this. So how do i check if the password of a user is correct with my LdapContext? The passwords are stored encrypted (ssha) so i can not just compare the attributes.
Thanks Raffael