Related Tips & Info

XLDAP Servlet

MigrationDeletedUser
0 Likes

Summary

The xldap servlet is a lightweight utility to access LDAP using SQL query language, with query results returned as XML. This is done by wrapping the Novell LDAP JDBC driver within a custom servlet (http://developer.novell.com/ndk/doc_ldapjdbc.htm). The servlet was inspired by Oracle's XSQL Servlet @ http://www.oracle.com/technology/tech/xml/xdk/doc/production10g/doc/java/xsql/xsql_userguide.html - authentication required), and can be used together with this servlet, to mix relational DB queries with eDirectory data.

Installation

Just dump the included xldap.war archive in your Tomcat webapps folder and edit web.xml to suite your needs. See the following section for configuration options.

Configuration

Configuration of the ldap source is done in web.xml, by setting the following init parameters:

server: The hostname of the ldap server, "somehost.mydomain.com".

user: The user account used for accessing ldap, "cn=ldapuser,ou=test,o=mycompany". Leave blank to access only public fields.

password: Password for the ldap account.

baseDN: The root of the ldap tree search, "ou=test,o=mycompany".

allowCleartext: Set to "true" or "false". If true, the ldap connection can fall back to cleartext communication if ssl is unavailable. Please note that the trusted Root CA of the ldap server must be added to the Java cacerts keystore, if ssl communication is to be used. This is done using the keytool utility included with the java runtime.

keytool -import -alias myrootca -keystore $JAVA_HOME/jre/lib/security/cacerts \-file rootca.crt

dateFormat: Sets the formatting of timestamp values, either "jdbc", "ical", "gregorian" or "custom" can be used. If left blank, "jdbc" is used.

timeZone: Since you might not want to have timestamps in UTC (default for eDirectory), you can set a custom java timezone value here. If left blank, or set to an invalid timezone, the OS default is used instead.

Usage

The default mapping for the servlet is /*.xml, so any file in the xldap directory with an extension of .xml is assumed to contain a SQL query, readable by the XLDAP servlet. A query in the file "/xldap/QueryLDAP.xml" could look like this:

select cn AS Username, fullName AS Name, accountBalance AS Account_Balance, lastLoginTime AS Login_Time from inetOrgPerson
where cn like {@cn} and cn <> 'user_template'
order by cn

Where the value {@cn} will be substituted by the value of the "cn" request parameter, or '*' if no cn request parameter was given. So the following request
"http://myhost.com:8080/xldap/QueryLDAP.xml?cn=admin"
would return an xml document containing information about the user with cn=admin.

<?xml version="1.0" encoding="ISO-8859-1" ?>
<ROWSET>
    <ROW num="1">
        <Username>admin</Username>
        <Name>John Doe</Name>
        <Account_Balance>100000</Account_Balance>
        <Login_Time>2004-08-16 11:11:17.0</Login_Time>
    </ROW>
</ROWSET>

Please note that the query file is just a plain text file, not a xml file. The .xml extension is only used to make query results more "digestible" to other applications.

Hints

As the servlet does not contain any xml parser, some other means must be used to transform the xml output if needed. This could be the before mentioned XSQL servlet, using the following query file:

<?xml version="1.0" encoding="ISO-8859-1"?>
<?xml-stylesheet type="text/xsl" href="mysheet.xsl"?>
<xsql:include-xml xmlns:xsql="urn:oracle-xsql"
href="http://myhost.com:8080/xldap/QueryLDAP.xml?cn={@cn}" bind-params="cn" />

Here, the "QueryLDAP.xml" file is included with the "cn" request variable passed through, and then "mysheet.xsl" stylesheet is applied to the file.

Bugs

Probably many Most often errors (file not found, no connection) will be returned as proper xml files, but if errors occur while return data is being generated, the result is a garbled xml file. Also, the code for generating timestamps might is a bit messy, feel free to clean it up, the source is included Error messages looks something like this, additional information can be found in the Tomcat logs:

<?xml version="1.0" encoding="ISO-8859-1" ?>
<ROWSET error="TRUE">
    <ERROR>
        <![CDATA[ java.io.FileNotFoundException: /var/
tomcat/webapps/xldap/QueryLDAP2.xml (No such file or directory)]]>
    </ERROR>
</ROWSET>

Additional information about the error can be found in the Tomcat logs.

Disclaimer

Feel free to use and modify the servlet as you see fit, no warranties given.
Please note that the included ldapjdbc.jar is under Novell Developer Kit License Agreement, included in xldap/WEB-INF/lib/license.txt.

Labels:

Collateral
Comment List
Related
Recommended

Resources

Support
Documentation
Training
CyberRes Academy
Partner Portal
Contact us
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
How To Buy
Careers
Investor Relations
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.