你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn

Azure Active Directory libraries for Java

Overview

Sign-on users and control access to applications and APIs with Azure Active Directory.

To get started with Azure AD, see Java web app sign-in and sign-out with Azure AD.

Client library

Configure OAuth2, OpenID Connect, or Active Directory Graph authentication and SAML 2.0 single-sign on with the Azure Active Directory authentication library (ADAL) for Java.

Add a dependency to your Maven pom.xml file to use the client library in your project.

<dependency>
    <groupId>com.microsoft.azure</groupId>
    <artifactId>adal4j</artifactId>
    <version>1.2.0</version>
</dependency>

Example

Retrieve a JSON Web Token (JWT) for a user in your an Active Directory tenant using Azure Active Directory's Graph API. This token can then be used to authenticate the user with an application or API.

ExecutorService service = Executors.newFixedThreadPool(1);
AuthenticationContext context = new AuthenticationContext(AUTHORITY, false, service);
Future<AuthenticationResult> future = context.acquireToken(
    "https://graph.windows.net", YOUR_TENANT_ID, username, password,
    null);
AuthenticationResult result = future.get();
System.out.println("Access Token - " + result.getAccessToken());
System.out.println("Refresh Token - " + result.getRefreshToken());
System.out.println("ID Token - " + result.getIdToken());

Management API

Configure role based access control and assign identities (such as users and service principals) to those roles with the management API.

Add a dependency to your Maven pom.xml file to use the management API in your project.

<dependency>
    <groupId>com.microsoft.azure</groupId>
    <artifactId>azure-mgmt-graph-rbac</artifactId>
    <version>1.3.0</version>
</dependency>

Example

Create a new service principal and assign it the Contributor role.

ServicePrincipal sp = Azure.servicePrincipals().define(spName)
    .withNewApplication("http://" + spName)
    .create();
RoleAssignment roleAssignment2 = authenticated.roleAssignments()
    .define("contribRoleAssignment")
    .forServicePrincipal(sp)
    .withBuiltInRole(BuiltInRole.CONTRIBUTOR)
    .withSubscriptionScope("862f67bc-d3ae-4243-bec7-3da6dca77717")
    .create();

Samples

Manage groups, users, and roles
Sign-in and sign-out users in a Java web app
Access an API with Azure AD using a command line app
Call the Active AD Graph API from your Java web app

Explore more sample Java code for Azure AD you can use in your apps.