/**
 * 連接LDAP
 */ 
@SuppressWarnings({ "rawtypes", "unchecked" }) 
public LdapContext connetLDAP() throws NamingException { 
    // 連接Ldap需要的信息 
    String ldapFactory = "com.sun.jndi.ldap.LdapCtxFactory"; 
    String ldapUrl = "ldap:/IP:port";// url 
    String ldapAccount = "cn=root"; // 用戶名 
    String ldapPwd = "password";//密碼 
    Hashtable env = new Hashtable(); 
    env.put(Context.INITIAL_CONTEXT_FACTORY, ldapFactory); 
    // LDAP server 
    env.put(Context.PROVIDER_URL, ldapUrl); 
    env.put(Context.SECURITY_AUTHENTICATION, "simple"); 
    env.put(Context.SECURITY_PRINCIPAL, ldapAccount); 
    env.put(Context.SECURITY_CREDENTIALS, ldapPwd); 
    env.put("java.naming.referral", "follow"); 
    LdapContext ctxTDS = new InitialLdapContext(env, null); 
    return ctxTDS; 
} 

 
// 添加 
    public void testAdd() throws Exception { 
        LdapContext ctx = connetLDAP(); 
        Attributes attrs = new BasicAttributes(true); 
        Attribute objclass = new BasicAttribute("objectclass"); 
        // 添加ObjectClass 
        String[] attrObjectClassPerson = { "inetOrgPerson", "organizationalPerson", "person", "top" }; 
        Arrays.sort(attrObjectClassPerson); 
        for (String ocp : attrObjectClassPerson) { 
            objclass.add(ocp); 
        } 
        attrs.put(objclass); 
        String uid = "zhangsan"; 
        String userDN = "uid=" + uid + "," + "cn=users,dc=cas,dc=mydc"; 
        // 密碼處理 
        // attrs.put("uid", uid); 
        attrs.put("cn", uid); 
        attrs.put("sn", uid); 
        attrs.put("displayName", "張三"); 
        attrs.put("mail", "[email protected]"); 
        attrs.put("description", ""); 
        attrs.put("userPassword", "Passw0rd".getBytes("UTF-8")); 
        ctx.createSubcontext(userDN, attrs); 
    } 

//刪除 
    public void testRemove() throws Exception { 
        LdapContext ctx = connetLDAP(); 
        String uid = "zhangsan"; 
        String userDN = "uid=" + uid + "," + "cn=users,dc=cas,dc=mydc"; 
        ctx.destroySubcontext(userDN); 

    } 

 
//修改 
    public boolean testModify() throws Exception { 
        boolean result = true; 
        LdapContext ctx = connetLDAP(); 
        String uid = "zhangsan"; 
        String userDN = "uid=" + uid + "," + "cn=users,dc=cas,dc=mydc"; 
        Attributes attrs = new BasicAttributes(true); 
        attrs.put("mail", "[email protected]"); 
        ctx.modifyAttributes(userDN, DirContext.REPLACE_ATTRIBUTE, attrs); 
        return result; 

    } 

//查詢 
    public void testSearch() throws Exception { 
        LdapContext ctx = connetLDAP(); 
        // 設置過濾條件 
        String uid = "zhangsan"; 
        String filter = "(&(objectClass=top)(objectClass=organizationalPerson)(uid=" + uid + "))"; 
        // 限制要查詢的字段內容 
        String[] attrPersonArray = { "uid", "userPassword", "displayName", "cn", "sn", "mail", "description" }; 
        SearchControls searchControls = new SearchControls(); 
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); 
        // 設置將被返回的Attribute 
        searchControls.setReturningAttributes(attrPersonArray); 
        // 三個參數分別為： 
        // 上下文； 
        // 要搜索的屬性，如果為空或 null，則返回目標上下文中的所有對象； 
        // 控制搜索的搜索控件，如果為 null，則使用默認的搜索控件 
        NamingEnumeration<SearchResult> answer = ctx.search("cn=users,dc=cas,dc=mydc", filter.toString(), searchControls); 
        // 輸出查到的數據 
        while (answer.hasMore()) { 
            SearchResult result = answer.next(); 
            NamingEnumeration<? extends Attribute> attrs = result.getAttributes().getAll(); 
            while (attrs.hasMore()) { 
                Attribute attr = attrs.next(); 
                System.out.println(attr.getID() + "=" + attr.get()); 
            } 
            System.out.println("============"); 
        } 
    }