问题
I want to query user credentials against an Active Directory without the user entering his credentials. i.e The user logs into his corporate system(Intranetwork) i need to use these credentials to verify against an AD and retrieve his email address if the user exists.(NO single sign on required)
回答1:
Of course, It is too late to answer, but ... someone like me can search same answer...
I'm just not sure why do you need to verify user credentials? If user already logged-in then ... credentials are verified.
Getting his email (and other info from AD) is possible by using Windows powershell.
public class TestWindowsAD {
public static void main(String... args) throws Exception {
System.out.println("Current user e-mail: " + getCurrentUserEmail());
}
private static String getCurrentUserEmail() {
String cmd = "powershell \"Add-Type -AssemblyName System.DirectoryServices.AccountManagement;[System.DirectoryServices.AccountManagement.UserPrincipal]::Current.EmailAddress;\"";
String userEmail = "";
if (!System.getProperty("os.name").toLowerCase().startsWith("win")) { throw new RuntimeException(
"We are not in Windows! OS is " + System.getProperty("os.name")); }
Runtime rt = Runtime.getRuntime();
Process pr;
try {
pr = rt.exec(cmd);
pr.waitFor();
BufferedReader bf = new BufferedReader(new InputStreamReader(pr.getInputStream()));
String nextLine = null;
while (true) {
nextLine = bf.readLine();
if (nextLine == null) break;
userEmail = nextLine;
}
bf.close();
} catch (Exception e) {
System.err.println("Failed to get user email: " + e.getMessage());
throw new RuntimeException(e);
}
return userEmail;
}
P.S. if you need more info just run in command prompt:
powershell "Add-Type -AssemblyName System.DirectoryServices.AccountManagement;[System.DirectoryServices.AccountManagement.UserPrincipal]::Current"
and pick what you need.
来源:https://stackoverflow.com/questions/38601372/querying-active-directory