LDAP Java single sign-on on Liberty server


I want to implement single sign-on on a WebSphere Liberty server using Java. I want to authenticate users using LDAP.

I searched a lot but could not find an exact example. I have checked each available example on Stack Overflow as well, but no luck.

It would be great if one can provide demo or example code for the same.

Thanks in advance.

Update: I was able to implement the same with the help of Waffle, but Waffle doesn't work with Linux/Unix. Can anyone please help me?

3

There are 3 answers

2
ayrusme On

If you're using LDAP, the authentication can be passed off like Basic. If you know the username and password, append the header "Authorization" with the value "Basic base64_token".

The base64 token is a string that is base64 encoded with your username and password in the format username:password. Ideally, this should work. Let me know if it doesn't work. In that case, we can explore options using SPNEGO.

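Code for LDAP in Java:

    import java.net.HttpURLConnection;
    import java.net.URL;
    import java.nio.charset.StandardCharsets;
    import java.util.Base64;

    public class Main
    {
      public static void main(String[] args) throws Exception
      {
        // Replace username and password with your username and password
        String username = "username";
        String password = "password";
        // Placeholder URL. Basic credentials are only base64-encoded, so use https
        URL endpoint = new URL("https://liberty.example.com/app");

        String token = Base64.getEncoder()
            .encodeToString((username + ":" + password).getBytes(StandardCharsets.UTF_8));
        HttpURLConnection conn = (HttpURLConnection) endpoint.openConnection();

        // Set the necessary header field, which in this case is Basic
        conn.addRequestProperty("Authorization", "Basic " + token);

        // Continue to do what you want to do after this. This should authenticate
        // you to the server
      }
    }
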
0
Sandeep Jain On

Specifically for Windows, single sign-on can be done by using Waffle.

For LDAP authentication, you can go by Spring MVC to a simple Java class with the lines of code below:

    // Needs: java.util.Hashtable, javax.naming.Context,
    //        javax.naming.directory.DirContext, javax.naming.directory.InitialDirContext
    String username = login.getUsername();// "ancb";
    String password = login.getPassword();// "*****";
    String base = "OU=******,DC=InfoDir,DC=DEV,DC=****";
    String dn = "CN=" + username + "," + base;
    String ldapURL = "ldaps://****.systems.**.****:3269";

    // Setup environment for authenticating
    Hashtable<String, String> environment = new Hashtable<String, String>();
    environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    environment.put(Context.PROVIDER_URL, ldapURL);
    environment.put(Context.SECURITY_AUTHENTICATION, "simple");
    environment.put(Context.SECURITY_PRINCIPAL, dn);
    environment.put(Context.SECURITY_CREDENTIALS, password);

    String dynamicLdapaccount = "(CN="+ username +")" ;

    // The bind happens here; a NamingException is thrown if it fails
    DirContext authContext = new InitialDirContext(environment);

For single sign-on:

You need to set up Kerberos and SPNEGO configuration at the server level. For the Liberty server, its server.xml needs modification.

0
dharmendra On

Waffle doesn't support *nix. You can use JAAS (Java SE 8 only) with support of Krb5LoginModule, which will let you cache the OS ticket.