Package org.frankframework.ldap

Class LdapSender

java.lang.Object
org.frankframework.jndi.JndiBase
org.frankframework.ldap.LdapSender
All Implemented Interfaces:
IConfigurable, IConfigurationAware, INamedObject, IScopeProvider, ISender, ISenderWithParameters, IWithParameters, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware
public class LdapSender extends JndiBase implements ISenderWithParameters
Sender to obtain information from and write to an LDAP Directory. Returns the set of attributes in an XML format. Examples are shown below.

example

Consider the following configuration example: 

 <sender
      className="org.frankframework.ldap.LdapSender"
      ldapProviderURL="ldap://servername:389/o=ing"
      operation="read"
      attributesToReturn="givenName,sn,telephoneNumber" >
     <param name="entryName" xpathExpression="entryName" />
 </sender>

This may result in the following output: 

 <ldap>
 	   <entryName>uid=srp,ou=people</entryName>
 	   <attributes>
         <attribute attrID="givenName">
             <value>Jan</value>
         </attribute>
         <attribute attrID="telephoneNumber">
             <value>010 5131123</value>
             <value>06 23456064</value>
         </attribute>
 	       <attribute attrID="sn">
             <value>Jansen</value>
 	       </attribute>
 	   </attributes>
 </ldap>

Search or Read? Read retrieves all the attributes of the specified entry. Search retrieves all the entries of the specified (by entryName) context that have the specified attributes, together with the attributes. If the specified attributes are null or empty all the attributes of all the entries within the specified context are returned. Sample result of a read operation:

 <attributes>
 	   <attribute>
 	   <attribute name="employeeType" value="Extern"/>
 	   <attribute name="roomNumber" value="DP 2.13.025"/>
 	   <attribute name="departmentCode" value="358000"/>
 	   <attribute name="organizationalHierarchy">
 	       <item value="ou=ING-EUR,ou=Group,ou=Organization,o=ing"/>
 	       <item value="ou=OPS&IT,ou=NL,ou=ING-EUR,ou=Group,ou=Organization,o=ing"/>
 	       <item value="ou=000001,ou=OPS&IT,ou=NL,ou=ING-EUR,ou=Group,ou=Organization,o=ing"/>
 	   </attribute>
 	   <attribute name="givenName" value="Gerrit"/>
 </attributes>

Sample result of a search operation:

 <entries>
 	   <entry name="uid=srp">
 	       <attributes>
 	           <attribute>
 	           <attribute name="employeeType" value="Extern"/>
 	           <attribute name="roomNumber" value="DP 2.13.025"/>
 	           <attribute name="departmentCode" value="358000"/>
 	           <attribute name="organizationalHierarchy">
 	               <item value="ou=ING-EUR,ou=Group,ou=Organization,o=ing"/>
 	               <item value="ou=OPS&IT,ou=NL,ou=ING-EUR,ou=Group,ou=Organization,o=ing"/>
 	               <item value="ou=000001,ou=OPS&IT,ou=NL,ou=ING-EUR,ou=Group,ou=Organization,o=ing"/>
 	           </attribute>
 	           <attribute name="givenName" value="Gerrit"/>
 	       </attributes>
 	   </entry>
     <entry> .... </entry>
    .....
 </entries>

Author:
Gerrit van Brakel, Jaco de Groot
Specific parameters
entryName Represents entryName (RDN) of interest., filterExpression Filter expression (handy with searching - see RFC2254)., principal Will overwrite jndiAuthAlias, principal and credential attributes together with parameter credentials which is expected to be present too. This will also have the effect of usePooling being set to false and the LDAP connection being made at runtime only (skipped at configuration time)., credentials See parameter principal. It's advised to set attribute hidden to true for parameter credentials.

  • Field Details

  • Constructor Details

    • LdapSender

      public LdapSender()

  • Method Details

    • configure

      public void configure() throws ConfigurationException
      Description copied from interface: ISender
      configure() is called once at startup of the framework in the configure method of the owner of this sender. Purpose of this method is to check whether the static configuration of the sender is correct. As much as possible class-instantiating should take place in the configure() or open() method, to improve performance.
      Specified by:
      configure in interface IConfigurable
      Specified by:
      configure in interface ISender
      Overrides:
      configure in class JndiBase
      Throws:
      ConfigurationException

    • storeLdapException

      public void storeLdapException(Throwable t, PipeLineSession session)

    • start

      public void start()
      Description copied from interface: ISender
      This method will be called to start the sender. After this method is called the sendMessage method may be called. Purpose of this method is to reduce creating connections to databases etc. in the sendMessage() method.
      Specified by:
      start in interface ISender

    • isSynchronous

      public boolean isSynchronous()
      Description copied from interface: ISender
      When true, the result of sendMessage is the reply of the request.
      Specified by:
      isSynchronous in interface ISender

    • performOperation

      public String performOperation(Message message, PipeLineSession session) throws SenderException, ParameterException
      Performs the specified operation and returns the results.
      Returns:
      - Depending on operation, DEFAULT_RESULT or read/search result (always XML)
      Throws:
      SenderException
      ParameterException

    • getSubContextList

      public String[] getSubContextList(DirContext parentContext, String relativeContext, PipeLineSession session)
      Return a list of all of the subcontexts of the current context, which is relative to parentContext.
      Returns:
      an array of Strings containing a list of the subcontexts for a current context.

    • sendMessage

      @Nonnull public SenderResult sendMessage(@Nonnull Message message, @Nonnull PipeLineSession session) throws SenderException, TimeoutException
      Description copied from interface: ISender
      Send a message to some destination (as configured in the Sender object). This method may only be called after the configure() method is called.

      The following table shows the difference between synchronous and a-synchronous senders:

       synchronousa-synchronous
      ISender.isSynchronous() returnstruefalse
      return value of sendMessage() isthe reply-messagethe messageId of the message sent
      the correlationID specified with sendMessage()may be ignoredis sent with the message
      a {link TimeOutException}may be thrown if a timeout occurs waiting for a replyshould not be expected

      Multiple objects may try to call this method at the same time, from different threads. Implementations of this method should therefore be thread-safe, or synchronized.

      Specified by:
      sendMessage in interface ISender
      Throws:
      SenderException
      TimeoutException

    • removeValuesFromAttributes

      protected Attributes removeValuesFromAttributes(Attributes input)
      Strips all the values from the attributes in input. This is performed to be able to delete the attributes without having to match the values. If values exist they must be exactly matched too in order to delete the attribute.

    • loopkupDirContext

      protected DirContext loopkupDirContext(Map<String,String> paramValueMap) throws NamingException
      Retrieves the DirContext from the JNDI environment and sets the providerURL back to ldapProviderURL if specified.
      Throws:
      NamingException

    • getDirContext

      protected DirContext getDirContext(Map<String,String> paramValueMap) throws SenderException
      Throws:
      SenderException

    • closeDirContext

      protected void closeDirContext(DirContext dirContext)

    • attributesToXml

      protected XmlBuilder attributesToXml(Attributes atts) throws NamingException
      Throws:
      NamingException

    • addParameter

      public void addParameter(IParameter p)
      Specified by:
      addParameter in interface IWithParameters

    • getParameterList

      public ParameterList getParameterList()
      Specified by:
      getParameterList in interface IWithParameters

    • setOperation

      public void setOperation(LdapSender.Operation value)
      Specifies LDAP operation to perform
      Default value
      read

    • setLdapProviderURL

      public void setLdapProviderURL(String string)
      URL to context to search in, e.g. 'ldap://edsnlm01.group.intranet/ou=people, o=ing' to search in te people group of ing cds. Used to overwrite the providerURL specified in jmsRealm.

    • setManipulationSubject

      public void setManipulationSubject(LdapSender.Manipulation value)
      Specifies subject to perform operation on.
      Default value
      attribute

    • setAttributesToReturn

      public void setAttributesToReturn(String string)
      Comma separated list of attributes to return. When no are attributes specified, all the attributes from the object read are returned.
      Default value
      all attributes

    • setUsePooling

      public void setUsePooling(boolean b)
      Specifies whether connection pooling is used or not
      Default value
      true when principal not set as parameter, false otherwise

    • setSearchTimeout

      public void setSearchTimeout(int i)
      Specifies the time (in ms) that is spent searching for results for operation search
      Default value
      20000

    • setErrorSessionKey

      public void setErrorSessionKey(String string)
      Key of session variable used to store cause of errors
      Default value
      errorReason

    • setMaxEntriesReturned

      public void setMaxEntriesReturned(int i)
      The maximum number of entries to be returned by a search query, or 0 for unlimited
      Default value
      0

    • setUnicodePwd

      public void setUnicodePwd(boolean b)
      When true the attributes passed by the input xml are scanned for an attribute with id unicodepwd, when found the value of this attribute will be encoded as required by active directory (a UTF-16 encoded unicode string containing the password surrounded by quotation marks) before sending it to the LDAP server
      Default value
      false

    • setReplyNotFound

      public void setReplyNotFound(boolean b)
      (Only used when operation=search/deepsearch) when true the xml '<ldapresult>object not found</ldapresult>' is returned instead of the PartialResultException 'unprocessed continuation reference(s)'
      Default value
      false

    • getSearchTimeout

      public int getSearchTimeout()

    • getOperation

      public LdapSender.Operation getOperation()

    • getManipulationSubject

      public LdapSender.Manipulation getManipulationSubject()

    • getLdapProviderURL

      public String getLdapProviderURL()

    • getAttributesToReturn

      public String getAttributesToReturn()

    • isUsePooling

      public boolean isUsePooling()

    • getErrorSessionKey

      public String getErrorSessionKey()

    • getMaxEntriesReturned

      public int getMaxEntriesReturned()

    • isUnicodePwd

      public boolean isUnicodePwd()

    • isReplyNotFound

      public boolean isReplyNotFound()