Post on 27-Jan-2015
License CC-BY-SA
Application Development Using Spring LDAP
Balaji Varanasi
About Me
Development Manager, Author, LDAPUnit Creator
Agenda
JNDI
Java LDAP Application Development
Java LDAP Development
• JNDI Way Of Development
• Connect to LDAP Server
• Perform LDAP Operations
• Close resources
JNDI – Connecting to LDAP
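import java.util.Properties;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
// Describe the connection: provider factory, server URL and bind credentials
Properties environment = new Properties();
environment.setProperty(DirContext.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.setProperty(DirContext.PROVIDER_URL, "ldap://localhost:11389");
environment.setProperty(DirContext.SECURITY_PRINCIPAL, "cn=Directory Manager");
environment.setProperty(DirContext.SECURITY_CREDENTIALS, "opendj");
// Connects and binds; throws the checked NamingException on failure
DirContext context = new InitialDirContext(environment);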
JNDI – Performing LDAP Operation
// Search the whole subtree and return only the attributes we need
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
searchControls.setReturningAttributes(new String[]{"givenName", "sn", "telephoneNumber"});
NamingEnumeration<SearchResult> searchResults = context.search(BASE_PATH, "(objectClass=inetOrgPerson)", searchControls);
while (searchResults.hasMore()) {
    SearchResult result = searchResults.next();
    Attributes attributes = result.getAttributes();
    // Read single valued attributes
    String firstName = (String) attributes.get("givenName").get();
    String lastName = (String) attributes.get("sn").get();
    // Read the multi-valued attribute
    Attribute phoneAttribute = attributes.get("telephoneNumber");
    String[] phone = new String[phoneAttribute.size()];
    NamingEnumeration<?> phoneValues = phoneAttribute.getAll();
    for (int i = 0; phoneValues.hasMore(); i++) {
        phone[i] = (String) phoneValues.next();
    }
}
JNDI – Close Resources
if (searchResults != null) {
    searchResults.close();
}
if (context != null) {
    context.close();
}
JNDI LDAP Operations Demo
What’s wrong with JNDI?
• JNDI Drawbacks
• Plumbing Code
• Explicit Resource Management
• Checked Exceptions
Spring LDAP
Spring LDAP
“Makes it easier to build Spring-based applications that use the Lightweight Directory
Access Protocol”
Spring LDAP
• Rich set of features
– Template and utility classes
– Search Filters
– ODM
– LDIF Parsing
– Transaction Management
– Connection Pooling
– Unchecked exception hierarchy
• Currently 1.3.2
• 2.0.0 in works
Spring LDAP Application Development
Spring LDAP Development
• Core Concepts
• Context Source
• LdapTemplate
Spring LDAP Development
• Context Source
• Abstracts LDAP Connection
• LdapContextSource implementation
LdapTemplate
• Provides overloaded search, lookup, bind/unbind and authenticate methods
• Thread safe
Spring LDAP Template Demo
Integration Testing LDAP Code
• Integration Testing requirements
• Ability to spin up LDAP servers programmatically
• Programmatically start and stop servers
• We need to load data for each set of tests
• Embedded Servers
• Lightweight in nature
• Quick startup time
• Ease of configuration
• OpenDJ/OpenDS, ApacheDS, UnboundID
LdapUnit
• Simplifies LDAP Testing
• Supports three embedded servers
• Provides abstraction for other servers to be plugged in
• Puts LDAP Server in a known state
• Works with Spring LDAP or standalone Java code
• Version 0.6.0
• Code on GitHub: https://github.com/bava/ldapunit
LdapUnit Demo
Spring LDAP ODM
Spring LDAP ODM
• ORM for Databases
• Annotation Driven
• @Entry
• @Id
• @Attribute
• @Transient
ODM Demo
Spring LDAP ODM
• ORM Differences
• Caching of LDAP Entries not possible
• No XML mapping support
• Lazy loading of Entries not possible
What else can we improve?
Spring LDAP Authentication
public boolean authenticate(String userid, String password) {
    // Build the user's DN under BASE_DN
    DistinguishedName dn = new DistinguishedName(BASE_DN);
    dn.add("uid", userid);
    DirContext authenticatedContext = null;
    try {
        // A successful bind as the user's DN means the password was accepted
        authenticatedContext = contextSource.getContext(dn.toString(), password);
        return true;
    } catch (NamingException e) {
        e.printStackTrace();
        return false;
    } finally {
        LdapUtils.closeContext(authenticatedContext);
    }
}
Spring LDAP Authentication
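@Override
public boolean authenticate(String userid, String password) {
    // EqualsFilter (org.springframework.ldap.filter) escapes filter metacharacters in userid
    return ldapTemplate.authenticate("", new EqualsFilter("uid", userid).encode(), password);
}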
Spring LDAP Authentication
public boolean authenticate(String userid, String password) {
    EmployeeAuthenticationErrorCallback errorCallback = new EmployeeAuthenticationErrorCallback();
    // EqualsFilter (org.springframework.ldap.filter) escapes filter metacharacters in userid
    boolean isAuthenticated = ldapTemplate.authenticate("", new EqualsFilter("uid", userid).encode(), password, errorCallback);
    if (!isAuthenticated) {
        // The callback holds the exception raised by the failed bind
        System.out.println(errorCallback.getAuthenticationException());
    }
    return isAuthenticated;
}
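The uid filter passed to ldapTemplate.authenticate carries user input, so the value has to be encoded as an RFC 4515 assertion value. This added example (not from the slides and not Spring LDAP code) shows that encoding in plain Java beside simple concatenation, plus a blank-credential check. The class and method names are hypothetical and the sample userids are constructed.

```java
public class UidFilterDemo {

    // Escape an assertion value per RFC 4515: \ * ( ) and NUL become \XX hex pairs.
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\': out.append("\\5c"); break;
                case '*':  out.append("\\2a"); break;
                case '(':  out.append("\\28"); break;
                case ')':  out.append("\\29"); break;
                case '\0': out.append("\\00"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Plain concatenation, for comparison: the userid can change the filter's structure.
    static String concatenatedFilter(String userid) {
        return "(uid=" + userid + ")";
    }

    // With encoding, the userid is always treated as a literal value.
    static String encodedFilter(String userid) {
        return "(uid=" + escapeFilterValue(userid) + ")";
    }

    // Reject blank input before binding: a simple bind with an empty password is an
    // unauthenticated bind (RFC 4513, section 5.1.2) and some servers report success.
    static boolean credentialsPresent(String userid, String password) {
        return userid != null && !userid.trim().isEmpty()
                && password != null && !password.isEmpty();
    }

    public static void main(String[] args) {
        // Constructed sample userids, not taken from the slides.
        String[] userids = {"jdoe", "j*", "doe (contractor)", "a\\b"};
        for (String userid : userids) {
            System.out.printf("%-18s concat=%-24s encoded=%s%n",
                    userid, concatenatedFilter(userid), encodedFilter(userid));
        }
        System.out.println("bind attempted with empty password: "
                + credentialsPresent("jdoe", ""));
    }
}
```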
Questions
Thanks!