Question

A common name, let's say "John Smith", is used to compose the DN, but is it possible to compose a full DN using the UID?

I'm currently doing this and it works.

Hashtable env = new Hashtable(11);
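// Value missing from the post; the JDK's built-in LDAP provider is assumed here.
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");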
env.put(Context.PROVIDER_URL, "ldap://myDomain.com");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "CN=John Smith,OU=IT,OU=MyCompany,OU=Users,DC=myDomain,DC=com");
env.put(Context.SECURITY_CREDENTIALS, "myPassWrd");

Now I want to use UID, for example J.smith, for authentication instead of his full name. Any ideas?

Solution 2

I use:

 env.put(Context.SECURITY_PRINCIPAL, username);
 env.put(Context.SECURITY_CREDENTIALS, password); 

Works for me.

OTHER TIPS

In our LDAP authentication routines, we create a jndi user account that the application uses to authenticate itself in the LDAP. Once the application establishes the connection using the distinguished name of the jndi user (example: uid=jndi,ou=branch,dc=com,dc=your,dc=organization), then (provided a branch for the user nodes in the tree) it uses the following code to check if the user uid is in the LDAP tree:

public String findUserDnByBranchAndUid(String branchName, String uid) throws NamingException {
    SearchControls searchControls = new SearchControls();
    searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    searchControls.setCountLimit(1);

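    // Pass uid as a filter argument: JNDI escapes filter metacharacters (*, (, ), \)
    // in it, so the caller-supplied uid cannot change the structure of the filter.
    NamingEnumeration<SearchResult> answer;
    answer = dirContext.search(branchName, "(uid={0})", new Object[] { uid }, searchControls);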

    if (answer.hasMoreElements()) {
        SearchResult searchResult = answer.nextElement();
        return searchResult.getNameInNamespace();
    } else {
        return null;
    }
}

Calling it like this:

String userDn = findUserDnByBranchAndUid("ou=users,dc=com,dc=your,dc=organization", "jsmith");

If userDn is not empty, then the user exists in the tree, and we proceed to establish a new connection using that DN (and the user password) instead of the jndi user DN.

If everything goes well, then the user jsmith is logged in with their own credentials using just their id, without providing any user-unfriendly DN.
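
The search-then-bind flow this answer describes, written out end to end as an added example (not code from the answer or its author). The class name UidBindAuthenticator and its constructor parameters are hypothetical, and it assumes a reachable directory whose user entries carry a uid attribute.

```java
// Added example; UidBindAuthenticator and its constructor parameters are hypothetical names.
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class UidBindAuthenticator {
    private final String url, serviceDn, servicePassword, userBase;

    public UidBindAuthenticator(String url, String serviceDn, String servicePassword, String userBase) {
        this.url = url; this.serviceDn = serviceDn;
        this.servicePassword = servicePassword; this.userBase = userBase;
    }

    private DirContext bind(String dn, String password) throws NamingException {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env);
    }

    /** Returns the user's DN on success, null if the uid is unknown, ambiguous, or the password is wrong. */
    public String authenticate(String uid, String password) throws NamingException {
        // An empty password turns a simple bind into an unauthenticated bind (RFC 4513, 5.1.2),
        // which many servers accept; reject it before talking to the directory.
        if (uid == null || uid.isEmpty() || password == null || password.isEmpty()) return null;

        String userDn = null;
        DirContext service = bind(serviceDn, servicePassword); // step 1: bind as the service account
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            sc.setCountLimit(2); // fetch two so that an ambiguous uid can be refused
            // {0} is filled from filterArgs with filter metacharacters escaped by JNDI
            NamingEnumeration<SearchResult> hits = service.search(userBase, "(uid={0})", new Object[] { uid }, sc);
            if (hits.hasMore()) userDn = hits.next().getNameInNamespace();
            if (userDn != null && hits.hasMore()) userDn = null; // more than one match
            hits.close();
        } finally { service.close(); }
        if (userDn == null) return null;

        try {
            bind(userDn, password).close(); // step 2: bind as the user to verify the password
            return userDn;
        } catch (AuthenticationException e) { return null; } // wrong password or disabled account
    }
}
```

Pass an ldaps:// URL so that the simple bind does not send the password in cleartext.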

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow