I'm trying to add an LDAP entry with JSP/JNDI. The code is really rough, I'm learning, so if you have any advice please tell me. The SEARCH section works fine. The ADDENTRY section doesn't. It tells me:
" An exception occurred: [LDAP: error code 50 - The entry cn=m,o=Rubrica,dc=example,dc=com cannot be added due to insufficient access rights] "
This is my code:
<%@page import="javax.naming.NamingEnumeration"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@page import="java.util.*" %>
<%@page import="javax.naming.ldap.*" %>
<%@page import="javax.naming.directory.*"%>
<%@page import="javax.naming.directory.InitialDirContext"%>
<%@page import="javax.naming.directory.DirContext"%>
<%@page import="javax.naming.Context" %>
<%@page import="javax.naming.InitialContext" %>
<%@page import="javax.naming.NamingException" %>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body>
<h2>Rubrica</h2>
<!-- SEARCH ENTRY -->
<br>
<h3>Search:</h3>
<form action="" method="post">
Search Entry: <input type="text" name="search"><br>
<input type="submit" value="search">
</form>
<br><br>
<%
//CREATING AN INITIAL CONTEXT for search function:
//context = objects whose state is a set of bindings (=ldap entries), that have distinct atomic names.
//The Hashtable class represents the environments properties parameters
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:1389/o=Rubrica,dc=example,dc=com");
DirContext ctx = new InitialDirContext(env);
env.put(Context.SECURITY_PRINCIPAL,"cn=Directory Manager,dc=example,dc=com");
env.put(Context.SECURITY_CREDENTIALS,"secret");
String searchName = (String)request.getParameter("search");
try{
request.getParameter("search");
Attributes attrs = ctx.getAttributes("cn = " + searchName);
out.println(attrs.get("cn").get()+": ");
out.println(attrs.get("telephonenumber").get());
}
catch (Exception e){
out.println("An exception occurred: " + e.getMessage());
}
%>
<br><br>------------------------------------<br><br>
<!-- ADD ENTRY -->
<br>
<h3>Add Entry:</h3>
<form action="" method="post">
Add Entry:<br><br>
Full Name: <input type="text" name="addcn"><br>
Surname: <input type="text" name="surname"><br>
PhoneNumber: <input type="text" name="pn"><br>
<input type="submit" value="addEntry">
</form>
<br><br>
<%
String addcn = (String)request.getParameter("addcn");
String surname = (String)request.getParameter("surname");
String pn = (String)request.getParameter("pn");
try{
//Create new set of attributes
BasicAttributes attrs1 = new BasicAttributes();
//(The item is a person)
Attribute classes = new BasicAttribute("objectClass");
classes.add("top");
classes.add("person");
// classes.add("organizationalPerson");
// Add the objectClass attribute to the attribute set
attrs1.put(classes);
// Store the other attributes in the attribute set
attrs1.put("sn", surname);
attrs1.put("telephonenumber", pn);
// Add the new entry to the directory server
ctx.createSubcontext("ldap://localhost:1389/cn="+addcn+",o=Rubrica,dc=example,dc=com", attrs1);
}
catch (Exception e){
out.println("An exception occurred: " + e.getMessage());
}
%>
</body>
I added the "Remove Entry" part:
<h3>Remove Entry:</h3>
<form method="post">
Insert Entry To Remove: <input type="text" name="delUser"><br>
<input type="submit" value="Remove">
</form><br><br>
<%
String delUser = (String)request.getParameter("delUser");
try
{
ctx.destroySubcontext("cn="+delUser);
}
catch (Exception e){
out.println("An exception occurred: " + e.getMessage());
}
%>
And the page gives me the same authentication error. P.S. I'm using LDAP + SASL on my machine. Maybe this could be the problem.
[SOLVED] The problem is that the order of the instructions for creating the context was incorrect. In the code above I was doing an anonymous authentication. The correct flow of operations follows:
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:1389/o=Rubrica,dc=example,dc=com");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL,"cn=Directory Manager");
env.put(Context.SECURITY_CREDENTIALS,"secret");
DirContext ctx = new InitialDirContext(env);
From your error it seems that you don't have access rights to add an entry in the tree hierarchy where you are trying to add it. Do one of these tasks: