為什么80%的碼農(nóng)都做不了架構(gòu)師？>>> ??

只提供免證書(shū)的認(rèn)證部分，操作部分可以百度。

認(rèn)證部分，得到context即可對(duì)域進(jìn)行各種操作；

/*** 本文章是針對(duì)java JNDI方式操作ldap服務(wù)器。* 這里給出一個(gè)關(guān)鍵的片段，通過(guò)這段代碼獲取的Context是可以免證書(shū)的進(jìn)行操作遠(yuǎn)程AD域的,我之前就是通過(guò)證書(shū)方式的，一大堆復(fù)雜的操作導(dǎo)出什么密鑰庫(kù)之類的。且證書(shū)1年就失效了還 要企業(yè)根證書(shū)才行，很多限制！后來(lái)花了很多心思才找到這個(gè)方法。* DummySSLSocketFactory 這個(gè)類我放外面好了方便猿友們導(dǎo)出，這段代碼就是獲取連接，我就沒(méi)管那么多了直接貼了方法上來(lái)。* 獲取AD上下文對(duì)象* @param res* @return*/public final static LDAPDirContext getContext(ResourceBean res){LDAPDirContext context = null;try {Properties mEnv = new Properties();mEnv.put(Context.AUTHORITATIVE, "true");mEnv.put(Context.SECURITY_PROTOCOL, "ssl");mEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");mEnv.put(Context.PROVIDER_URL, res.getExpand("url"));//mEnv.put(Context.SECURITY_AUTHENTICATION, "simple");mEnv.put(Context.SECURITY_PRINCIPAL, res.getUserName());// administrator@test.commEnv.put(Context.SECURITY_CREDENTIALS, res.getPassWord());//關(guān)鍵代碼，注意對(duì)應(yīng)的DummySSLSocketFactory這個(gè)類的包路徑要正確，mEnv.put("java.naming.ldap.factory.socket", “org.utils.ad.DummySSLSocketFactory");context = new LDAPDirContext(mEnv);} catch (Exception e) {e.printStackTrace();context = null;System.out.println("AD域認(rèn)證失敗!");}return context;}

認(rèn)證類，直接復(fù)制到工具類下即可，check**方法中沒(méi)有任何操作，既信任任何證書(shū)：

package org.utils.ad;import java.security.cert.*; import javax.net.ssl.*; import java.security.cert.X509Certificate; public class DummyTrustManager implements X509TrustManager {public void checkClientTrusted( X509Certificate[] cert, String authType) {return;}public void checkServerTrusted( X509Certificate[] cert, String authType) {return;}public X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];} }

?

package org.utils.ad; import java.security.cert.X509Certificate; import java.io.IOException; import java.net.InetAddress; import java.net.Socket; import javax.net.ssl.*; import javax.net.SocketFactory;public class DummySSLSocketFactory extends SSLSocketFactory {private SSLSocketFactory factory;public DummySSLSocketFactory() {try {SSLContext sslcontext = SSLContext.getInstance("TLS");sslcontext.init( null, // No KeyManager requirednew TrustManager[] { new DummyTrustManager()},new java.security.SecureRandom());factory = ( SSLSocketFactory) sslcontext.getSocketFactory();} catch( Exception ex) { ex.printStackTrace(); }}public static SocketFactory getDefault() {return new DummySSLSocketFactory();}public Socket createSocket( Socket socket, String s, int i, boolean flag) throws IOException {return factory.createSocket( socket, s, i, flag);}public Socket createSocket( InetAddress inaddr, int i, InetAddress inaddr1, int j) throws IOException {return factory.createSocket( inaddr, i, inaddr1, j);}public Socket createSocket( InetAddress inaddr, int i) throws IOException {return factory.createSocket( inaddr, i);}public Socket createSocket( String s, int i, InetAddress inaddr, int j) throws IOException {return factory.createSocket( s, i, inaddr, j);}public Socket createSocket( String s, int i) throws IOException {return factory.createSocket( s, i);}public String[] getDefaultCipherSuites() {return factory.getSupportedCipherSuites();}public String[] getSupportedCipherSuites() {return factory.getSupportedCipherSuites();}}

測(cè)試可以正常使用windows的域操作。

?

轉(zhuǎn)載于:https://my.oschina.net/qiaojj/blog/2251630

總結(jié)

以上是生活随笔為你收集整理的java操作ad域 免证书的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。