com.jalios.ldap

Class LDAPUtil

java.lang.Object

com.jalios.ldap.LDAPUtil

public class LDAPUtil
extends java.lang.Object

Utilily methods to perform miscelleanous operation related to LDAP.

Version:

$Revision: 87433 $

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	LDAPUtil.SRVRecord SRV record entry

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	OBJECT_CLASS_ATTR "objectClass"
static java.lang.String	OBJECT_GUID_ATTR The Active Directory unique identifier for an object.
static java.lang.String	OBJECT_SID_ATTR The Active Directory security identifier (SID) of a user. The SID is a unique value used to identify the user as a security principal.
static java.lang.String	REVISION

Constructor Summary

Constructors

Constructor and Description
LDAPUtil()

Method Summary

Modifier and Type	Method and Description
static boolean	checkConnect(java.lang.String hostname, java.lang.String port, java.lang.String isSSL, java.lang.String bindDN, java.lang.String bindPassword) Try a LDAP connection using the given host information and credential.
static java.lang.String	escapeDN(java.lang.String name) Escape certain meta-characters in LDAP DN.
static java.lang.String	escapeLDAPSearchFilter(java.lang.String filter) Escape certain meta-characters of a name for use in LDAP search filter.
static java.lang.String	extractSAMAccountName(java.lang.String login) Retrieve the sAMAccountName from the specified login (if possible).
static java.lang.String	getFirstDomainControllerHostname(java.lang.String domain) Retrieve the first domain controler available for query for the specified windows domain.
static LDAPUtil.SRVRecord	getFirstSrvRecord(java.lang.String srvRecordName) Retrieve the first SRV record value for the specified SRV record name.
static java.lang.String	getGUID(com.unboundid.ldap.sdk.Attribute objectGUIDAttribute) Retrieve a string representation of the specified objectGUID LDAP attribute which contains a globally unique identifier assigned by Active Directory Domain Services when the object instance is created. A GUID is a 128-bit number guaranteed to be unique in space and time.
static byte[]	getGUID(java.lang.String guidStr) Retrieve a byte array of the specified 16-byte string representation of a GUID.
static java.lang.String	getGUIDByteString(java.lang.String guidStr) Retrieve a LDAP byte string representation of a GUID, such as \xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx.
static java.lang.String	getSid(com.unboundid.ldap.sdk.Attribute objectSidAttribute) Retrieve a string representation of the specified objectSid LDAP attribute which contains a value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal.
static java.util.List<LDAPUtil.SRVRecord>	getSrvRecords(java.lang.String srvRecordName) Retrieve all SRV record values for the specified SRV record name.
static java.lang.String	getString(com.unboundid.ldap.sdk.Attribute attribute, java.lang.String defaultValue) Return first available value of Attribute attr, or defaultValue if not available.
static boolean	isGroupEntry(com.unboundid.ldap.sdk.SearchResultEntry entry, LDAPConfiguration conf) Determines if the given SearchResultEntry is a group entry according to parameters specified by the given LDAPConfiguration object.
static boolean	isUserEntry(com.unboundid.ldap.sdk.SearchResultEntry entry, LDAPConfiguration conf) Determines if the given SearchResultEntry is a user entry according to parameters specified by the given LDAPConfiguration object.
static boolean	isUUID(java.lang.String str) Check if the specified string is a 16-byte string representation of a UUID.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REVISION

public static final java.lang.String REVISION

See Also:

Constant Field Values

OBJECT_CLASS_ATTR

public static final java.lang.String OBJECT_CLASS_ATTR

"objectClass"

See Also:

Constant Field Values

OBJECT_SID_ATTR

public static final java.lang.String OBJECT_SID_ATTR

The Active Directory security identifier (SID) of a user.
The SID is a unique value used to identify the user as a security principal.

"objectSid"
MSDN : Object-Sid attribute

See Also:

getSid(Attribute), Constant Field Values

OBJECT_GUID_ATTR

public static final java.lang.String OBJECT_GUID_ATTR

The Active Directory unique identifier for an object.

"objectGUID"
MSDN : Object-Guid attribute

See Also:

getGUID(Attribute), Constant Field Values

Constructor Detail

LDAPUtil

public LDAPUtil()

Method Detail

getString

public static java.lang.String getString(com.unboundid.ldap.sdk.Attribute attribute,
                                         java.lang.String defaultValue)

Return first available value of Attribute attr, or defaultValue if not available.

Parameters:

attribute - Attribute from which to retrieve value.

defaultValue - the default value to use if none could be read

Returns:

a the first value of attr or defaultValue (never return null unless defaultValue is null).

isGroupEntry

public static boolean isGroupEntry(com.unboundid.ldap.sdk.SearchResultEntry entry,
                                   LDAPConfiguration conf)

Determines if the given SearchResultEntry is a group entry according to parameters specified by the given LDAPConfiguration object.

Parameters:

entry - the SearchResultEntry to check

conf - the LDAPConfiguration to use, MUST NOT be null

Returns:

true if the entry is a group, false otherwise

Since:

jcms-5.7

isUserEntry

public static boolean isUserEntry(com.unboundid.ldap.sdk.SearchResultEntry entry,
                                  LDAPConfiguration conf)

Determines if the given SearchResultEntry is a user entry according to parameters specified by the given LDAPConfiguration object.

Parameters:

entry - the SearchResultEntry to check

conf - the LDAPConfiguration to use, MUST NOT be null

Returns:

true if the entry is a user, false otherwise

Since:

jcms-5.7

checkConnect

public static boolean checkConnect(java.lang.String hostname,
                                   java.lang.String port,
                                   java.lang.String isSSL,
                                   java.lang.String bindDN,
                                   java.lang.String bindPassword)

Try a LDAP connection using the given host information and credential.

Parameters:

hostname - the hostname of the ldap server to connect to.

port - the port of the ldap server to connect to.

isSSL - whether the connection should be made using SSL.

bindDN - the Distinguished Name to use to bind to the ldap server to connect to.

bindPassword - the password to use to bind to the ldap server to connect to.

Returns:

true if the connection was successful, false if an error occured

Since:

jcms-5.7

escapeDN

public static java.lang.String escapeDN(java.lang.String name)

Escape certain meta-characters in LDAP DN.

Parameters:

name - the name to escape

Returns:

the escaped name

escapeLDAPSearchFilter

public static final java.lang.String escapeLDAPSearchFilter(java.lang.String filter)

Escape certain meta-characters of a name for use in LDAP search filter.

Parameters:

filter - the filter to escape

Returns:

the escaped filter

extractSAMAccountName

public static java.lang.String extractSAMAccountName(java.lang.String login)

Retrieve the sAMAccountName from the specified login (if possible).

Support login in Down-Level logon name formats (eg DOMAIN\sAMAccountName).

Parameters:

login - a user login

Returns:

the extracted sAMAccountName or the original login, never return null.

getSid

public static java.lang.String getSid(com.unboundid.ldap.sdk.Attribute objectSidAttribute)

Retrieve a string representation of the specified objectSid LDAP attribute which contains a value that specifies the security identifier (SID) of the user.
The SID is a unique value used to identify the user as a security principal.

• MSDN : Object-Sid attribute (Windows)
• MSDN : Well-Known SID Structures

Parameters:

objectSidAttribute - the objectSid as retrieved from

Returns:

a SID string such as "S-1-5-21-2029357233-986718560-1400240716-2155", or null if it could not be extracted

getFirstDomainControllerHostname

public static java.lang.String getFirstDomainControllerHostname(java.lang.String domain)

Retrieve the first domain controler available for query for the specified windows domain.

This methods looks for all SRV record "_ldap._tcp.dc._msdcs.{domain}" and return the first one as defined by priority and weight in all records.

Parameters:

domain - a windows domain name

Returns:

the hostname of the first domain controler available, or null if it could not be found

Since:

jcms-8.0.1

getFirstSrvRecord

public static LDAPUtil.SRVRecord getFirstSrvRecord(java.lang.String srvRecordName)

Retrieve the first SRV record value for the specified SRV record name.

Parameters:

srvRecordName - the name of the SRV record to query, ie "_sip._tcp.example.com."

Returns:

the first SRVRecord in the order of the priority and weight defined in all srv results, or null if none could not be found

Since:

jcms-8.0.1

getSrvRecords

public static java.util.List<LDAPUtil.SRVRecord> getSrvRecords(java.lang.String srvRecordName)

Retrieve all SRV record values for the specified SRV record name.

Parameters:

srvRecordName - the name of the SRV record to query, ie "_sip._tcp.example.com."

Returns:

a SortedSet of all SRVRecord, in the order of the priority and weight defined in all srv results, never return null

Since:

jcms-8.0.1

getGUID

public static java.lang.String getGUID(com.unboundid.ldap.sdk.Attribute objectGUIDAttribute)

Retrieve a string representation of the specified objectGUID LDAP attribute which contains a globally unique identifier assigned by Active Directory Domain Services when the object instance is created.
A GUID is a 128-bit number guaranteed to be unique in space and time.
sing objectGUID to Bind to an Object

Parameters:

objectGUIDAttribute - the objectGUID as retrieved from AD

Returns:

a GUID string such as "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX", or null if it could not be extracted

isUUID

public static boolean isUUID(java.lang.String str)

Check if the specified string is a 16-byte string representation of a UUID.

Parameters:

str - any value to check

Returns:

true if specified string is a UUID, false otherwise

getGUID

public static byte[] getGUID(java.lang.String guidStr)

Retrieve a byte array of the specified 16-byte string representation of a GUID.

Parameters:

guidStr - 16-byte string representation of a GUID such as "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

Returns:

a byte array of the GUID or null if it could not be extracted

getGUIDByteString

public static java.lang.String getGUIDByteString(java.lang.String guidStr)

Retrieve a LDAP byte string representation of a GUID, such as \xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx\xx.

Parameters:

guidStr - 16-byte string representation of a GUID such as "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

Returns:

a byte array of the GUID or null if it could not be extracted