I tried to Authenticate the mobile user on IDAM-LDAP via NetIq. But for that we need some of the service or mechanism in which we can verify directly send our username and password and that will be validated by NetIq via LDAP.
I tried with simple java connection to LDAP for user authentication.
Below parameters are used
INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); \n
PROVIDER_URL, "ldap:// IP ADDRESS :10389");
SECURITY_PRINCIPAL, "CN=Testnetiq.O=IBOM_test");
SECURITY_CREDENTIALS, "PASSWORD");
Apart from which parameters we can use to successful testing so that we can implement in java adapter.
package com.wipro.ibm;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
public class Testing {
public static void main(String[] args) throws Exception {
Properties props = new Properties();
props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
props.put(Context.PROVIDER_URL, "ldap:// ldap ip :10389");
props.put(Context.SECURITY_PRINCIPAL, "CN=Testnetiq.O=IBOM_test");
props.put(Context.SECURITY_CREDENTIALS, "Wipro@123");
InitialDirContext context = new InitialDirContext(props);
SearchControls ctrls = new SearchControls();
ctrls.setReturningAttributes(new String[] { "givenName", "sn", "memberOf" });
ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration<javax.naming.directory.SearchResult> answers = context.search("o=IBOM_test",
"(uid=" + "Test123" + ")", ctrls);
javax.naming.directory.SearchResult result = answers.nextElement();
String user = result.getNameInNamespace();
try {
props = new Properties();
props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
props.put(Context.PROVIDER_URL, "ldap://ldap ip :10389");
props.put(Context.SECURITY_PRINCIPAL, user);
props.put(Context.SECURITY_CREDENTIALS, "Test@123");
context = new InitialDirContext(props);
} catch (Exception e) {
System.out.println("false");
}
System.out.println("True");
}
}
The error javax.naming.AuthenticationNotSupportedException: [LDAP: error code 13 - Confidentiality Required indicates that you need to connect using TLS/SSL instead of connecting to the clear text port.
Normally that is port 636 but in your case it might be 10636 since your non-encrypted port is 10389.