我可以通过JNDI读取LDAP中存储的密码。但是结果是一些乱码。那么我该如何解密呢?
下面是我的代码:
public static void main(String[] args) { String INITCTX = "com.sun.jndi.ldap.LdapCtxFactory"; String MY_HOST = "ldap://KhooGP-Comp1:1389"; String MGR_DN = "cn=Directory Manager"; String MGR_PW = "password"; String MY_SEARCHBASE = "dc=QuizPortal"; String MY_FILTER = "uid=yiwei"; String MY_ATTRS[] = {"cn", "uid", "sn", "userpassword"}; //Identify service provider to use Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, INITCTX); env.put(Context.PROVIDER_URL, MY_HOST); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, MGR_DN); env.put(Context.SECURITY_CREDENTIALS, MGR_PW); try { // Create the initial directory context InitialDirContext initialContext = new InitialDirContext(env); DirContext ctx = (DirContext)initialContext; System.out.println("Context Sucessfully Initialized"); SearchControls constraints = new SearchControls(); constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); NamingEnumeration results = ctx.search(MY_SEARCHBASE, MY_FILTER, constraints); while(results != null && results.hasMore()) { SearchResult sr = (SearchResult) results.next(); String dn = sr.getName() + "," + MY_SEARCHBASE; System.out.println("Distinguished Name is " + dn); Attributes ar = ctx.getAttributes(dn, MY_ATTRS); if(ar == null) { System.out.println("Entry " + dn); System.out.println(" has none of the specified attributes\n"); } else { for(int i=0; i<MY_ATTRS.length; i++) { Attribute attr = ar.get(MY_ATTRS[i]); System.out.println(MY_ATTRS[i] + ":"); for(Enumeration vals=attr.getAll(); vals.hasMoreElements();) { System.out.println("\t" + vals.nextElement()); } } } } } catch(Exception e) { System.err.println(e); } } Below is the result: Distinguished Name is uid=yiwei,ou=Administrator,o=SID,dc=QuizPortal cn: yiwei huang uid: yiwei sn: huang userpassword: [B@1cd8669
有什么建议吗?? 提前谢谢了
凯文
您所看到的([B @ 1cd8669)是Java所说的“这是一个字节数组”。
存储的“密码”很可能是真实密码的哈希值或加密版本。顾名思义,密码散列是不可逆的,因此,如果LDAP存储散列,则您将无法查看用户的密码。
如果它是加密的,那么如果您知道算法和密钥,则解密非常简单。BouncyCastle是一个很棒的Java加密库,可用于解密密码。
基本上,您需要确切了解所要查找的内容,这取决于LDAP设置。