Active Directory Integration
1. Introduction:
An LDAP directory is a collection of data about users and groups. LDAP (Lightweight Directory Access Protocol) is an Internet protocol that web applications can use to look up information about those users and groups from the LDAP server.
2. Requirement:
- Connect the JIRA instance to Active Directory using a Java library.
- Retrieve the Active Directory users and their attributes, such as general, organization, address, etc.
- To connect JIRA to LDAP through configuration instead, see https://confluence.atlassian.com/adminjiraserver0710/connecting-to-an-ldap-directory-953144427.html
3. R&D for connecting to LDAP:
Diagrams of some possible configurations
[Diagram: JIRA connecting to an LDAP directory.]
[Diagram: JIRA connecting to an LDAP directory with permissions set to read only and local groups.]
Here we use the Java JNDI library to connect to Active Directory.
We use the LdapContext interface, which supports LDAPv3 extended operations. Through the LDAP context we search the named context or object for entries that satisfy the given search filter; the search is performed as specified by the search controls.
Code:
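// Imports needed by the methods on this page (all methods belong to one class)
import java.util.Date;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public static void main(String[] args) {
    System.out.println("run: " + new Date());
    LdapContext ldapContext = getLdapContext();
    if (ldapContext == null) {
        return; // connection failed; the error was already printed
    }
    SearchControls searchControls = getSearchControls();
    getUserInfo("testuser1", ldapContext, searchControls);
    getUserInfo("saravanakumar", ldapContext, searchControls);
    System.out.println("done: " + new Date());
}

// Opens an authenticated connection to the directory; returns null on failure.
private static LdapContext getLdapContext() {
    LdapContext ctx = null;
    try {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // A simple bind over ldap:// (port 389) sends the password unencrypted.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        // Bind account used to read the directory; hardcoded here for the test setup.
        env.put(Context.SECURITY_PRINCIPAL, "empadadmin");
        env.put(Context.SECURITY_CREDENTIALS, "UCR;`4dV7gdg<>W");
        env.put(Context.PROVIDER_URL, "ldap://40.76.8.19:389/");
        env.put(Context.REFERRAL, "follow");
        ctx = new InitialLdapContext(env, null);
        System.out.println("LDAP Connection: COMPLETE");
    } catch (NamingException nex) {
        System.out.println("LDAP Connection: FAILED");
        nex.printStackTrace();
    }
    return ctx;
}

// Search the whole subtree below the base DN and return every user attribute.
private static SearchControls getSearchControls() {
    SearchControls cons = new SearchControls();
    cons.setSearchScope(SearchControls.SUBTREE_SCOPE);
    String[] attrIDs = { "*" };
    cons.setReturningAttributes(attrIDs);
    return cons;
}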
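A hardened variant of the connection and lookup, added here as an example and not part of the original page or of JIRA: it refuses anything but LDAPS, takes the bind account from the environment, sets timeouts, and requests only named attributes. The class name, the environment variable names LDAP_URL, LDAP_BIND_DN and LDAP_BIND_PASSWORD, and the attribute list are assumptions.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

// Added example, not the page's code. Class and environment variable names are assumptions.
public class HardenedAdLookup {
    // Fail fast when a setting is missing; an empty password would turn the bind into an anonymous one.
    static String requireEnv(String name) {
        String v = System.getenv(name);
        if (v == null || v.isEmpty()) throw new IllegalStateException(name + " is not set");
        return v;
    }
    static LdapContext connect() throws NamingException {
        String url = requireEnv("LDAP_URL"); // constructed sample: ldaps://dc01.example.test:636
        if (!url.startsWith("ldaps://")) // a simple bind over ldap:// sends the password in cleartext
            throw new IllegalArgumentException("LDAP_URL must use ldaps://");
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, requireEnv("LDAP_BIND_DN"));
        env.put(Context.SECURITY_CREDENTIALS, requireEnv("LDAP_BIND_PASSWORD"));
        env.put(Context.REFERRAL, "ignore"); // "follow" re-binds to referred servers with these credentials
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // milliseconds
        env.put("com.sun.jndi.ldap.read.timeout", "10000");
        return new InitialLdapContext(env, null);
    }

    public static void main(String[] args) throws NamingException {
        String account = args.length > 0 ? args[0] : "testuser1";
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setReturningAttributes(new String[] {"cn", "mail", "department"}); // not "*"
        LdapContext ctx = connect();
        try {
            // {0} is substituted with escaping, so the account name cannot alter the filter.
            NamingEnumeration<SearchResult> hits = ctx.search("cn=Users,dc=testad,dc=com",
                    "(sAMAccountName={0})", new Object[] {account}, sc);
            while (hits.hasMore()) System.out.println(hits.next().getAttributes());
        } finally {
            ctx.close();
        }
    }
}
```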
4. R&D for getting user details from Active Directory:
The lookup uses the search method of the same LdapContext. It searches the named context or object for entries that satisfy the given search filter, and performs the search as specified by the search controls.
Ex: ldapContext.search(Name, String, SearchControls);
// Looks up one account by sAMAccountName and prints all of its attributes.
// User is the application's own user type (not shown on this page); this method always returns null.
private static User getUserInfo(String sAMAccountName, LdapContext ctx, SearchControls searchControls) {
    System.out.println("*** " + sAMAccountName + " ***");
    User user = null;
    try {
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        // Pass the account name as a filter argument ({0}) so that JNDI escapes it,
        // instead of concatenating it into the filter string.
        NamingEnumeration<SearchResult> objs = ctx.search("cn=Users,dc=testad,dc=com",
                "(sAMAccountName={0})", new Object[] { sAMAccountName }, searchControls);
        // Loop through the objects returned in the search
        while (objs.hasMoreElements()) {
            // Each item is a SearchResult object
            SearchResult match = objs.nextElement();
            // Print out the node name
            System.out.println("Found " + match.getName() + ":");
            // Get the node's attributes
            Attributes attrs = match.getAttributes();
            NamingEnumeration<? extends Attribute> e = attrs.getAll();
            // Loop through the attributes
            while (e.hasMoreElements()) {
                // Get the next attribute
                Attribute attr = e.nextElement();
                // Print out the attribute's value(s)
                System.out.print(attr.getID() + " = ");
                for (int i = 0; i < attr.size(); i++) {
                    if (i > 0) System.out.print(", ");
                    System.out.print(attr.get(i));
                }
                System.out.println();
            }
            System.out.println("---------------------------------------");
        }
    } catch (Exception ex) {
        ex.printStackTrace();
    }
    return user;
}
Note:
CN = Common Name.
OU = Organizational Unit.
DC = Domain Component.
Result: