Package org.frankframework.ldap

Class LdapClient

java.lang.Object

org.frankframework.ldap.LdapClient

All Implemented Interfaces:

ICacheEnabled<String,Set<String>>

public class LdapClient
extends Object
implements ICacheEnabled<String,Set<String>>

Client for LDAP.
consider setting the following properties:
- java.naming.provider.url
- com.sun.jndi.ldap.connect.pool
- java.naming.referral = follow
- nl.nn.iuf.LdapClient.groupAttributeCache.name
- nl.nn.iuf.LdapClient.groupAttributeCache.timeToLive

Connection Pooling:
To set connection pool properties that are set as custom properties, create a properties file named Ldap.properties with the attributes and place in the classpath. To override the name of the properties file or to locate the properties within some relative location to classpath, eg, nl/nn/iuf/Ldap.properties or Ldap-highperformance.properties add JVM custom property ldap.props.file to have the file name you want to have.

Connection pooling is enabled by passing environment property : "com.sun.jndi.ldap.connect.pool" with "true".

Supported attributes are as follows,
- com.sun.jndi.ldap.connect.pool.authentication
- com.sun.jndi.ldap.connect.pool.debug
- com.sun.jndi.ldap.connect.pool.initsize
- com.sun.jndi.ldap.connect.pool.maxsize
- com.sun.jndi.ldap.connect.pool.prefsize
- com.sun.jndi.ldap.connect.pool.protocol
- com.sun.jndi.ldap.connect.pool.timeout

See Also:

• "http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html"

Field Summary

Fields

Modifier and Type	Field	Description
static final String	JNDI_AUTH_ALIAS_KEY
protected static org.apache.logging.log4j.Logger	log

Constructor Summary

Constructors

Constructor	Description
LdapClient()
LdapClient(Map<String,Object> options)
LdapClient(Properties options)

Method Summary

Modifier and Type	Method	Description
String	authenticate(String username, String password, String searchDN, String baseDN, String searchFilter, String returnedAttributeDN, String returnedAttributeResult)
String	checkPassword(String userDN, String password, String baseDN, String returnedAttribute)
void	close()
protected void	configure()
Map<String,String>	getAttributeMap(NamingEnumeration<SearchResult> searchResultEnum)	Returns a Map of attribute values.
Map<String,List<String>>	getAttributeMultiMap(NamingEnumeration<SearchResult> searchResultEnum)	Returns a MultiMap of attribute values.
Set<String>	getAttributeSet(NamingEnumeration<SearchResult> searchResultEnum)	Returns a Set of attribute values.
ICache<String,Set<String>>	getCache()
DirContext	getContext()	Gets the Context When InitialContextFactory and ProviderURL are set, these are used to get the Context.
String	getFirstAttribute(SearchResult searchResult)
String	getFirstSearchResult(NamingEnumeration<SearchResult> searchResultEnum)
protected Hashtable<String,Object>	getJndiEnv(Set optionSet)
void	mapMultipleAttributes(NamingEnumeration<SearchResult> searchResultEnum, Callback<Attribute,Object> callback)	runs a set of attribute values through a Mapper.
void	mapMultiValuedAttribute(NamingEnumeration<SearchResult> searchResultEnum, Callback<Attribute,Object> callback)
void	open()
NamingEnumeration<SearchResult>	search(DirContext context, String searchDN, String filter, String[] returnedAttributes, int scope)
NamingEnumeration<SearchResult>	search(DirContext context, String searchDN, String filter, String returnedAttribute, int scope)
NamingEnumeration<SearchResult>	search(DirContext context, String searchDN, String filter, Set<String> returnedAttributes, int scope)
NamingEnumeration<SearchResult>	searchInObject(DirContext context, String objectDN, String baseDn, String attribute)
Map<String,String>	searchObjectForMultipleAttributes(String objectDN, String baseDn, Set<String> attributes)	Search LDAP without filter, for example to find attributes of a specific user/object.
Map<String,List<String>>	searchObjectForMultipleMultiValuedAttributes(String objectDN, String baseDn, Set<String> attributes)
Set<String>	searchObjectForMultiValuedAttribute(String objectDN, String baseDn, String attribute)	Search LDAP without filter, for example to find attributes of a specific user/object.
protected Set<String>	searchObjectForMultiValuedAttribute(DirContext context, String objectDN, String baseDn, String attribute)
protected Set<String>	searchObjectForMultiValuedAttributeWithCache(DirContext context, String objectDN, String baseDn, String attribute, boolean cacheNullResultsAsEmptySet)
String	searchObjectForSingleAttribute(String objectDN, String baseDn, String attribute)	Search LDAP without filter, for example to find attributes of a specific user/object.
String	searchObjectForSingleAttribute(DirContext context, String objectDN, String baseDn, String attribute)
String	searchObjectForSingleAttributeWithCache(String objectDN, String baseDn, String attribute)
protected String	searchObjectForSingleAttributeWithCache(DirContext context, String objectDN, String baseDn, String attribute)
Set<String>	searchRecursivelyViaAttributes(String uid, String baseDn, String attribute)
NamingEnumeration<SearchResult>	searchSubtree(DirContext context, String searchDN, String filter, Object[] params, String returnedAttribute)
NamingEnumeration<SearchResult>	searchSubtree(DirContext context, String searchDN, String filter, Object[] params, String[] returnedAttributes)
NamingEnumeration<SearchResult>	searchSubtree(DirContext context, String searchDN, String filter, String param, String returnedAttribute)
NamingEnumeration<SearchResult>	searchSubtree(DirContext context, String searchDN, String filter, String param, Set<String> returnedAttributes)
Map<String,String>	searchSubtreeForMultipleAttributes(String searchDN, String filter, String param, Set<String> attributes)	Search LDAP for an object in some group (specified by the filter), for example to search for a user/object.
Map<String,List<String>>	searchSubtreeForMultipleMultiValuedAttributes(String searchDN, String filter, String param, Set<String> attributes)
Set<String>	searchSubtreeForMultiValuedAttribute(String searchDN, String filter, String param, String attribute)
String	searchSubtreeForSingleAttribute(String searchDN, String filter, String param, String attribute)
void	setCache(ICache<String,Set<String>> cache)	optional cache definition

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

log

protected static org.apache.logging.log4j.Logger log

JNDI_AUTH_ALIAS_KEY

public static final String JNDI_AUTH_ALIAS_KEY

See Also:

• Constant Field Values

Constructor Details

LdapClient

public LdapClient()

LdapClient

public LdapClient(Map<String,Object> options)

LdapClient

public LdapClient(Properties options)

Method Details

configure

protected void configure()
                  throws ConfigurationException

Throws:

ConfigurationException

open

public void open()

close

public void close()

setCache

public void setCache(ICache<String,Set<String>> cache)

Description copied from interface: ICacheEnabled

optional cache definition

Specified by:

setCache in interface ICacheEnabled<String,Set<String>>

getCache

public ICache<String,Set<String>> getCache()

Specified by:

getCache in interface ICacheEnabled<String,Set<String>>

getJndiEnv

protected Hashtable<String,Object> getJndiEnv(Set optionSet)

getContext

public DirContext getContext()
                      throws NamingException

Gets the Context
When InitialContextFactory and ProviderURL are set, these are used to get the Context. Otherwise the the InitialContext is retrieved without parameters.
Notice: you can set the parameters on the commandline with
java -Djava.naming.factory.initial= xxx -Djava.naming.provider.url=xxx

Returns:

The context value

Throws:

NamingException - Description of the Exception

search

public NamingEnumeration<SearchResult> search(DirContext context,
 String searchDN,
 String filter,
 String returnedAttribute,
 int scope)
                                       throws NamingException

Throws:

NamingException

search

public NamingEnumeration<SearchResult> search(DirContext context,
 String searchDN,
 String filter,
 Set<String> returnedAttributes,
 int scope)
                                       throws NamingException

Throws:

NamingException

search

public NamingEnumeration<SearchResult> search(DirContext context,
 String searchDN,
 String filter,
 String[] returnedAttributes,
 int scope)
                                       throws NamingException

Throws:

NamingException

searchSubtree

public NamingEnumeration<SearchResult> searchSubtree(DirContext context,
 String searchDN,
 String filter,
 String param,
 Set<String> returnedAttributes)
                                              throws NamingException

Throws:

NamingException

searchSubtree

public NamingEnumeration<SearchResult> searchSubtree(DirContext context,
 String searchDN,
 String filter,
 String param,
 String returnedAttribute)
                                              throws NamingException

Throws:

NamingException

searchSubtree

public NamingEnumeration<SearchResult> searchSubtree(DirContext context,
 String searchDN,
 String filter,
 Object[] params,
 String returnedAttribute)
                                              throws NamingException

Throws:

NamingException

searchSubtree

public NamingEnumeration<SearchResult> searchSubtree(DirContext context,
 String searchDN,
 String filter,
 Object[] params,
 String[] returnedAttributes)
                                              throws NamingException

Throws:

NamingException

searchRecursivelyViaAttributes

public Set<String> searchRecursivelyViaAttributes(String uid,
 String baseDn,
 String attribute)
                                           throws NamingException

Throws:

NamingException

searchObjectForMultipleAttributes

public Map<String,String> searchObjectForMultipleAttributes(String objectDN,
 String baseDn,
 Set<String> attributes)
                                                     throws NamingException

Search LDAP without filter, for example to find attributes of a specific user/object.

Throws:

NamingException

searchObjectForMultipleMultiValuedAttributes

public Map<String,List<String>> searchObjectForMultipleMultiValuedAttributes(String objectDN,
 String baseDn,
 Set<String> attributes)
                                                                      throws NamingException

Throws:

NamingException

searchObjectForMultiValuedAttributeWithCache

protected Set<String> searchObjectForMultiValuedAttributeWithCache(DirContext context,
 String objectDN,
 String baseDn,
 String attribute,
 boolean cacheNullResultsAsEmptySet)
                                                            throws NamingException

Throws:

NamingException

searchObjectForMultiValuedAttribute

public Set<String> searchObjectForMultiValuedAttribute(String objectDN,
 String baseDn,
 String attribute)
                                                throws NamingException

Search LDAP without filter, for example to find attributes of a specific user/object.

Throws:

NamingException

searchObjectForMultiValuedAttribute

protected Set<String> searchObjectForMultiValuedAttribute(DirContext context,
 String objectDN,
 String baseDn,
 String attribute)
                                                   throws NamingException

Throws:

NamingException

searchObjectForSingleAttributeWithCache

public String searchObjectForSingleAttributeWithCache(String objectDN,
 String baseDn,
 String attribute)
                                               throws NamingException

Throws:

NamingException

searchObjectForSingleAttributeWithCache

protected String searchObjectForSingleAttributeWithCache(DirContext context,
 String objectDN,
 String baseDn,
 String attribute)
                                                  throws NamingException

Throws:

NamingException

searchObjectForSingleAttribute

public String searchObjectForSingleAttribute(String objectDN,
 String baseDn,
 String attribute)
                                      throws NamingException

Search LDAP without filter, for example to find attributes of a specific user/object.

Throws:

NamingException

searchObjectForSingleAttribute

public String searchObjectForSingleAttribute(DirContext context,
 String objectDN,
 String baseDn,
 String attribute)
                                      throws NamingException

Throws:

NamingException

searchInObject

public NamingEnumeration<SearchResult> searchInObject(DirContext context,
 String objectDN,
 String baseDn,
 String attribute)
                                               throws NamingException

Throws:

NamingException

searchSubtreeForMultipleAttributes

public Map<String,String> searchSubtreeForMultipleAttributes(String searchDN,
 String filter,
 String param,
 Set<String> attributes)
                                                      throws NamingException

Search LDAP for an object in some group (specified by the filter), for example to search for a user/object.

Throws:

NamingException

searchSubtreeForMultiValuedAttribute

public Set<String> searchSubtreeForMultiValuedAttribute(String searchDN,
 String filter,
 String param,
 String attribute)
                                                 throws NamingException

Throws:

NamingException

searchSubtreeForMultipleMultiValuedAttributes

public Map<String,List<String>> searchSubtreeForMultipleMultiValuedAttributes(String searchDN,
 String filter,
 String param,
 Set<String> attributes)
                                                                       throws NamingException

Throws:

NamingException

searchSubtreeForSingleAttribute

public String searchSubtreeForSingleAttribute(String searchDN,
 String filter,
 String param,
 String attribute)
                                       throws NamingException

Throws:

NamingException

getFirstSearchResult

public String getFirstSearchResult(NamingEnumeration<SearchResult> searchResultEnum)
                            throws NamingException

Throws:

NamingException

getFirstAttribute

public String getFirstAttribute(SearchResult searchResult)
                         throws NamingException

Throws:

NamingException

getAttributeSet

public Set<String> getAttributeSet(NamingEnumeration<SearchResult> searchResultEnum)
                            throws NamingException

Returns a Set of attribute values. The key of the attributes is ignored.

Throws:

NamingException

getAttributeMap

public Map<String,String> getAttributeMap(NamingEnumeration<SearchResult> searchResultEnum)
                                   throws NamingException

Returns a Map of attribute values. Only the first (or maybe the last...) value of each attribute is returned.

Throws:

NamingException

getAttributeMultiMap

public Map<String,List<String>> getAttributeMultiMap(NamingEnumeration<SearchResult> searchResultEnum)
                                              throws NamingException

Returns a MultiMap of attribute values.

Throws:

NamingException

mapMultiValuedAttribute

public void mapMultiValuedAttribute(NamingEnumeration<SearchResult> searchResultEnum,
 Callback<Attribute,Object> callback)
                             throws NamingException

Throws:

NamingException

mapMultipleAttributes

public void mapMultipleAttributes(NamingEnumeration<SearchResult> searchResultEnum,
 Callback<Attribute,Object> callback)
                           throws NamingException

runs a set of attribute values through a Mapper. Only the first value of each attribute is mapped.

Throws:

NamingException

checkPassword

public String checkPassword(String userDN,
 String password,
 String baseDN,
 String returnedAttribute)
                     throws NamingException

Throws:

NamingException

authenticate

public String authenticate(String username,
 String password,
 String searchDN,
 String baseDN,
 String searchFilter,
 String returnedAttributeDN,
 String returnedAttributeResult)
                    throws NamingException

Throws:

NamingException