com.jalios.ldap
Class LDAPMapper

java.lang.Object
  com.jalios.ldap.LDAPMapper

public class LDAPMapper
extends Object

This class allows simpler access to LDAP using following ldap properties. It is not thread safe, use one LDAPMapper instance per thread.

Since:

jcms-4.1.1-SP4 / jcms-5.5.0

Author:

Olivier Jaquemet

Field Summary

protected LDAPConfiguration	conf
static String	END_OF_RANGE The character indicating that the end of the range has been reached.
protected boolean	isConnected
protected netscape.ldap.LDAPException	lastException
protected netscape.ldap.LDAPConnection	ldc
static String	RANGE_FORMAT The format used to calculate attribute IDs for subsequent searches.
static Pattern	RANGE_PATTERN The pattern matching the range attribute ID.
static String	RANGE_PATTERN_STRING The expression matching the range attribute ID ";range=-".
static String	REVISION

Constructor Summary

LDAPMapper(LDAPConfiguration conf)
Creates a new mapper and establish the connection using given LDAPConfiguration.

Method Summary

boolean	authenticate(String dn, String password) Try to establish a new connection and to authenticate to the ldap server specified in the LDAPConfiguration of this mapper, using the given dn connect and password.
void	disconnect() Disconnect the underlying LDAPConnection of this mapper.
netscape.ldap.LDAPEntry	getGroupLDAPEntryFromDN(String fullDN, String[] attrs) Retrieve a Group entry from its exact DN.
ArrayList<netscape.ldap.LDAPEntry>	getGroupsLDAPEntries(String dn, String[] attrs) Return the groups LDAP Entry for the given dn (dn of a user or a sub-group).
netscape.ldap.LDAPException	getLastException()
netscape.ldap.LDAPConnection	getLDAPConnection() Returns the LDAPConnection instance initialized during the construction of this LDAPMapper.
ArrayList<netscape.ldap.LDAPEntry>	getMatchingLDAPEntries(String baseDN, String searchFilter, String[] attrs) Return the matching LDAP Entries for the given login (uses the LDAPConfiguration suffix (search baseDN) and user filter (search filter)). Does not return entries that may be available on referals servers.
List<String>	getRangedAttributeStringValues(netscape.ldap.LDAPEntry entry, String attributeName) Retrieve all values of the specified attribute, even if attribute is a ranged attribute of ActiveDirectory.
netscape.ldap.LDAPEntry	getUserLDAPEntry(String login, String[] attrs) Return the first matching LDAP Entry for the given login.
netscape.ldap.LDAPEntry	getUserLDAPEntryFromDN(String fullDN, String[] attrs) Retrieve a User entry from its exact DN.
boolean	isConnected()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

REVISION

public static final String REVISION

See Also:

Constant Field Values

conf

protected final LDAPConfiguration conf

ldc

protected final netscape.ldap.LDAPConnection ldc

isConnected

protected boolean isConnected

lastException

protected netscape.ldap.LDAPException lastException

END_OF_RANGE

public static final String END_OF_RANGE

The character indicating that the end of the range has been reached.

See Also:

Constant Field Values

RANGE_FORMAT

public static final String RANGE_FORMAT

The format used to calculate attribute IDs for subsequent searches.

See Also:

Constant Field Values

RANGE_PATTERN_STRING

public static final String RANGE_PATTERN_STRING

The expression matching the range attribute ID ";range=-".

See Also:

Constant Field Values

RANGE_PATTERN

public static final Pattern RANGE_PATTERN

The pattern matching the range attribute ID.

Constructor Detail

LDAPMapper

public LDAPMapper(LDAPConfiguration conf)

Creates a new mapper and establish the connection using given LDAPConfiguration.
IMPORTANT: Don't forget to call disconnect() when finished with this mapper.
If an error occurs during connection, the LDAPException describing the error is accessible using getLastException()

Parameters:

conf - the LDAPConfiguration to use for this mapper

Method Detail

getUserLDAPEntry

public netscape.ldap.LDAPEntry getUserLDAPEntry(String login,
                                                String[] attrs)

Return the first matching LDAP Entry for the given login.
Uses : - LDAPConfiguration.getSuffix() (search baseDN) - LDAPConfiguration.getUserFilter() (search filter)

Parameters:

login - the login of the member of which to retrieve LDAPEntry.

attrs - attributes you want returned in the result.

Returns:

the first LDAPEntry retrieved from LDAP, or null if member is not found or if an error occured (in which case getLastException(). A warning message is logged if more than one entries have been found (in which case you should refine your user search filter).

Since:

jcms-5.7.0

getUserLDAPEntryFromDN

public netscape.ldap.LDAPEntry getUserLDAPEntryFromDN(String fullDN,
                                                      String[] attrs)

Retrieve a User entry from its exact DN.

This method differs from the LDAPConnection.read(String, String[]) because it will apply the user filter configured in JCMS (LDAPConfiguration.getUserFilter()

Parameters:

fullDN - the DN of the User entry to retrieve

attrs - attributes you want returned in the result entry.

Returns:

the LDAPEntry retrieved from LDAP, null if LDAP entry could not be found. Also returns null if several entries were found, this prevents invalid behavior if bad DN is specified (a warning is issued in the logs)

Since:

jcms-7.0

getGroupsLDAPEntries

public ArrayList<netscape.ldap.LDAPEntry> getGroupsLDAPEntries(String dn,
                                                               String[] attrs)

Return the groups LDAP Entry for the given dn (dn of a user or a sub-group).
Uses : - LDAPConfiguration.getGroupSuffix() (search baseDN) - LDAPConfiguration.getGroupFilter() (search filter)

Parameters:

dn - the dn of the user of which to retrieve groups' LDAPEntry.

attrs - attributes you want returned in the result.

Returns:

a list of LDAPEntry retrieved from LDAP, or null if no group is found or if an error occured (in which case getLastException().

Since:

jcms-5.7.0

getGroupLDAPEntryFromDN

public netscape.ldap.LDAPEntry getGroupLDAPEntryFromDN(String fullDN,
                                                       String[] attrs)

Retrieve a Group entry from its exact DN.

This method differs from the LDAPConnection.read(String, String[]) because it will apply the group filter configured in JCMS (LDAPConfiguration.getGroupFilter()

Parameters:

fullDN - the DN of the Group entry to retrieve

attrs - attributes you want returned in the result entry.

Returns:

the LDAPEntry retrieved from LDAP, null if LDAP entry could not be found. Also returns null if several entries were found, this prevents invalid behavior if bad DN is specified (a warning is issued in the logs)

Since:

jcms-7.0

getMatchingLDAPEntries

public ArrayList<netscape.ldap.LDAPEntry> getMatchingLDAPEntries(String baseDN,
                                                                 String searchFilter,
                                                                 String[] attrs)

Return the matching LDAP Entries for the given login (uses the LDAPConfiguration suffix (search baseDN) and user filter (search filter)).
Does not return entries that may be available on referals servers.

Parameters:

baseDN - the base distinguished name from which to search

searchFilter - the searchFilter to use for with method LDAPConnection.search(String, int, String, String[], boolean).

attrs - attributes you want returned in the result.

Returns:

an ArrayList of LDAPEntry retrieved from LDAP, (never return null), LDAPException is available using getLastException() if error occured during search.

Since:

jcms-5.7.0

getRangedAttributeStringValues

public List<String> getRangedAttributeStringValues(netscape.ldap.LDAPEntry entry,
                                                   String attributeName)

Retrieve all values of the specified attribute, even if attribute is a ranged attribute of ActiveDirectory.

If the specified attribute is a ranged attribute of ActiveDirectory, perform the appropriate computation and new LDAP queries to ensure all attribute's values are retrieved.

See Range Retrieval of Attribute Values at Microsoft.com

Parameters:

entry - the entry in which LDAPAttribute was retrieved (must not be null)

attributeName - the name of the attribute to retrieve (must not be null, may be ranged or not)

Returns:

a List of all String values of the specified attribute, never return null

authenticate

public boolean authenticate(String dn,
                            String password)

Try to establish a new connection and to authenticate to the ldap server specified in the LDAPConfiguration of this mapper, using the given dn connect and password. Disconnect immediately.

Parameters:

dn - the dn to use to try au

password - the password to use for authentication.

Returns:

true if authentication succeeded, false otherwise, in which case the error is available using getLastException()

getLastException

public netscape.ldap.LDAPException getLastException()

Returns:

Returns the last LDAPException thrown during an operation.

getLDAPConnection

public netscape.ldap.LDAPConnection getLDAPConnection()

Returns the LDAPConnection instance initialized during the construction of this LDAPMapper.
Before using this method, you can check that the connection has been properly established using isConnected().
You should not disconnect using the LDAPConnection.disconnect() method of the returned LDAPConnection object, instead, call the disconnect() method of this LDAPMapper.

Returns:

Returns the LDAPConnection instance used by this LDAPMapper.

isConnected

public boolean isConnected()

Returns:

true if this a successful LDAP Connection was establish in constructor of this mapper.

disconnect

public void disconnect()

Disconnect the underlying LDAPConnection of this mapper.