Novell is now a part of Micro Focus

Adding Authentication to Your Web Site Using eDirectory and Novell LDAP Command JavaBeans

Articles and Tips: tip

Jeff Fischer
Research Engineer
Novell AppNotes
jfischer@novell.com

01 Apr 2003


Using eDirectory is a robust way to provide authentication to your web site. As web site developer, you'll have easy access to the user's attributes, such as name, phone, and address. This information you can display to the user as well as easily provide the user with the rights necessary they need to view your web site. Using eDirectory can prove to be more efficient, easier, and faster than using a database.

The HTML page will request from the user their username and password. The Java servlet will request the username and password from the HTML page and query eDirectory to see if the user exists. If the user does exist in the Directory, access to the web site will be granted. If not, access will be denied.

Here is the HTML code.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head>
<title>Authenticate to eDirectory</title>
</head>
<body bgcolor = "ffffde">
<h1>Please Enter Your Username and Password</h1>
<form method = "post" action = "http://server_ip_address:8080/servlet/auth1">
<p><label>Username:<input type = "text" size = "50" name = "username" /></label></p>
<p><label>Password:<input type = "password" size = "50" name = "password" /></label></p>
<br>
<p>
    <input type = "submit" value = "Authenticate" />
    <input type = "reset" value = "Clear Fields" />
</p></form></body></html>

Here is the Java Servlet code.

import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
import com.novell.ecb.ldap.*;
import com.novell.ecb.*;
public class auth1 extends HttpServlet
{
    private static final String CONTENT_TYPE = "text/html";
    LdapConnection connection = null;
    public void init() throws ServletException
    {}
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException
    {
        response.setContentType(CONTENT_TYPE);
        PrintWriter out = response.getWriter();
        out.println("<html>");
        out.println("<head><title>Authentication Servlet</title></head>");
        out.println("<body bgcolor=\"#ffc800\">");
        AuthenticateLdap bean = new AuthenticateLdap();
        String s = "cn=" + request.getParameter("username") + ", o=novell";
        bean.setURL("ldap://edu-qc.provo.novell.com");
        bean.setDN(s);
        bean.setPassword(request.getParameter("password"));
        try
        {
            bean.execute();
        }
        catch(LdapAuthenticationException e)
        {
            out.println("<h1>You must have typed your password incorrectly</h1");
            e.printStackTrace(out);
        }
        catch(LdapNameNotFoundException e)
        {
            out.println("<h1>Sorry, your name is not in the Directory!</h1>");
            e.printStackTrace(out);
        }
        catch (Exception e)
        {
            e.printStackTrace(out);
        }
        out.println("</body></html>");
    }
}

* Originally published in Novell AppNotes


Disclaimer

The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.

© Micro Focus