Search and add a ldap entry using JSP/JNDI

678 views Asked by At

I'm trying to add a ldap entry with jsp/jndi. The code is really rough, I'm learning, so if you have any advice please tell me. The SEARCH section works fine. The ADDENTRY section doesn't. it tells me :

" An exception occurred: [LDAP: error code 50 - The entry cn=m,o=Rubrica,dc=example,dc=com cannot be added due to insufficient access rights] "

this is my code:

<%@page import="javax.naming.NamingEnumeration"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>    
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<%@page import="java.util.*" %>
<%@page import="javax.naming.ldap.*" %>
<%@page import="javax.naming.directory.*"%>
<%@page import="javax.naming.directory.InitialDirContext"%>
<%@page import="javax.naming.directory.DirContext"%>
<%@page import="javax.naming.Context" %>
<%@page import="javax.naming.InitialContext" %>
<%@page import="javax.naming.NamingException" %>


<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>JSP Page</title>
</head>
<body>
    <h2>Rubrica</h2>



    <!-- SEARCH ENTRY  -->



    <br>
    <h3>Search:</h3>
    <form action="" method="post">
        Search Entry: <input type="text" name="search""><br>
    <input type="submit" value="search">
    </form>
    <br><br>

    <%

    //CREATING AN INITIAL CONTEXT for search function:
    //context = objects whose state is a set of bindings (=ldap entries), that have distinct atomic names. 
    //The Hashtable class represents the environments properties parameters            
        Hashtable env = new Hashtable();
        env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://localhost:1389/o=Rubrica,dc=example,dc=com");
        DirContext ctx = new InitialDirContext(env);
        env.put(Context.SECURITY_PRINCIPAL,"cn=Directory Manager,dc=example,dc=com");
        env.put(Context.SECURITY_CREDENTIALS,"secret");



    String searchName = (String)request.getParameter("search");

     try{
        request.getParameter("search");
        Attributes attrs = ctx.getAttributes("cn = " + searchName);
        out.println(attrs.get("cn").get()+": ");            
        out.println(attrs.get("telephonenumber").get()); 
    } 
     catch (Exception e){
        out.println("An exception occurred: " + e.getMessage());
     }        
    %>


    <br><br>------------------------------------</br><br>



    <!-- ADD ENTRY  -->


    <br>
    <h3>Add Entry:</h3>
    <form action="" method="post">
        Add Entry:<br><br>
        Full Name:   <input type="text" name="addcn"><br>
        Surname:     <input type="text" name="surname"><br>
        PhoneNumber: <input type="text" name="pn"><br>
    <input type="submit" value="addEntry">
    </form>
    <br><br>

    <%             

     String addcn = (String)request.getParameter("addcn");
     String surname = (String)request.getParameter("surname");
     String pn = (String)request.getParameter("pn");

     try{
        //Create new set of attributes
        BasicAttributes attrs1 = new BasicAttributes();
        //(The item is a person)
        Attribute classes = new BasicAttribute("objectClass");
        classes.add("top");
        classes.add("person");
//   classes.add("organizationalPerson");
        // Add the objectClass attribute to the attribute set
           attrs1.put(classes);
        // Store the other attributes in the attribute set
           attrs1.put("sn", surname);
           attrs1.put("telephonenumber", pn);
        // Add the new entry to the directory server

           ctx.createSubcontext("ldap://localhost:1389/cn="+addcn+",o=Rubrica,dc=example,dc=com", attrs1);     
        } 
        catch (Exception e){
            out.println("An exception occurred: " + e.getMessage());
     }            
     %>

</body>

I added the "Remove Entry" part:

    <h3>Remove Entry:</h3>
    <form method="post">
        Insert Entry To Remove: <input type="text" name="delUser""><br>
    <input type="submit" value="Remove">
    </form><br><br>



    <%
    String delUser = (String)request.getParameter("delUser");
    try
    {
        ctx.destroySubcontext("cn="+delUser);
        }
        catch (Exception e){
            out.println("An exception occurred: " + e.getMessage());
        }
    %>

And the page gives me the same authentication error. ps. I'm using ldap + SASL on my machine. Maybe this could be the problem.

[SOLVED] The problem is that the order of instruction about the creation of the context was incorrect. In the code above I was doing a anonymous authetication. Follows the correct flow of operation:

        env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");                     
        env.put(Context.PROVIDER_URL, "ldap://localhost:1389/o=Rubrica,dc=example,dc=com");

        env.put(Context.SECURITY_AUTHENTICATION, "simple");            

        env.put(Context.SECURITY_PRINCIPAL,"cn=Directory Manager");            
        env.put(Context.SECURITY_CREDENTIALS,"secret");


        DirContext ctx = new InitialDirContext(env);
1

There are 1 answers

4
Muhammad Imran Tariq On

From your error it seems that you don't have access rights to add entry in the tree hierarchy you are trying to add entry. Do one of these tasks:

  1. Use admin user to add entry.
  2. Try to add entry in hierarchy where you have rights to add entry.
  3. Grant rights to the user you are using to add entry.