|
Home > Archive > Apache Directory Project > May 2007 > [LDAP] Parsing LDAP URLs
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
[LDAP] Parsing LDAP URLs
|
|
| Enrique Rodriguez 2007-05-30, 1:11 am |
| Hi, Directory developers,
Do we already have support for searching based on LDAP URLs (RFC
2255)? Should a search with an LDAP URL using JNDI and
CoreContextFactory "just work"?
Example from the JNDI tutorial:
Object obj = new InitialContext().lookup(
"ldap://localhost:389/ cn=homedir,cn=Jon%20Ruiz,ou=People,o=jnd
itutorial");
I'm especially interested in the more complex forms, where attribute
values are specified.
I haven't simply tried this but I'll get a chance later this week and
I'm curious to know ASAP.
Enrique
| |
| Emmanuel Lecharny 2007-05-30, 7:11 am |
| Enrique Rodriguez a écrit :
> Hi, Directory developers,
>
> Do we already have support for searching based on LDAP URLs (RFC
> 2255)?
We have full support of RFC 2255 in
shared/ldap/src/main/java/org/apache/directory/shared/ldap/codec/util/LdapURL
class
> Should a search with an LDAP URL using JNDI and
> CoreContextFactory "just work"?
>
> Example from the JNDI tutorial:
> Object obj = new InitialContext().lookup(
>
> "ldap://localhost:389/ cn=homedir,cn=Jon%20Ruiz,ou=People,o=jnd
itutorial");
>
>
> I'm especially interested in the more complex forms, where attribute
> values are specified.
Like in the associated tests :
public void testLdapDNAttributes() throws LdapURLEncodingException
{
Assert.assertEquals(
"ldap://directory.apache.org:389/dc=example,dc=org?ou,objectclass,dc",
new LdapURL(
"ldap://directory.apache.org:389/dc=example,dc=org?ou,objectclass,dc"
).toString() );
}
>
> I haven't simply tried this but I'll get a chance later this week and
> I'm curious to know ASAP.
is it asap enough for you ? 
Emmanuel
| |
| Enrique Rodriguez 2007-05-30, 7:11 pm |
| On 5/30/07, Emmanuel Lecharny <elecharny-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
> ...
> is it asap enough for you ?
1) LdapUrl works great. However, it doesn't look like I can use it
directly in searches using CoreContextFactory. LDAP URLs are
supported by Sun JNDI for remote searches, since LDAP URL's are parsed
client-side by a Sun provider.
However, with CCF, as in the following code:
{code}
CoreContextFactory ccf = new CoreContextFactory();
DirContext ctx = ( DirContext ) ccf.getInitialContext( env );
String url = "ldap://localhost:" + port +
"/ou=users,dc=example,dc=com?krb5PrincipalName?sub?(krb5PrincipalName=hnelson-eoiNrCBZWh+uvtTkCOosKA@public.gmane.org)";
NamingEnumeration answer = ctx.search( url, "", null );
{code}
I get:
javax.naming.InvalidNameException: Bad DN :
ldap://localhost:1024/ou=users,dc=example,dc=com?krb5PrincipalName?sub?(krb5PrincipalName=hnelson-eoiNrCBZWh+uvtTkCOosKA@public.gmane.org)
at org.apache.directory.shared.ldap.name.LdapDnParser.parseInternal(LdapDnParser.java:151)
at org.apache.directory.shared.ldap.name.LdapDN.<init>(LdapDN.java:197)
Certainly I can work around this by using LdapUrl's getters as
parameters to my ctx.search#. Should this be supported? Want a JIRA?
Enrique
| |
| Emmanuel Lecharny 2007-05-30, 7:11 pm |
| Enrique Rodriguez a écrit :
> On 5/30/07, Emmanuel Lecharny <elecharny-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
>
>
>
> 1) LdapUrl works great. However, it doesn't look like I can use it
> directly in searches using CoreContextFactory. LDAP URLs are
> supported by Sun JNDI for remote searches, since LDAP URL's are parsed
> client-side by a Sun provider.
Yes, I think we don't support LdapURL in CCF.
>
> However, with CCF, as in the following code:
>
> {code}
> CoreContextFactory ccf = new CoreContextFactory();
> DirContext ctx = ( DirContext ) ccf.getInitialContext( env );
>
> String url = "ldap://localhost:" + port +
> "/ou=users,dc=example,dc=com?krb5PrincipalName?sub?(krb5PrincipalName=hnelson-eoiNrCBZWh+uvtTkCOosKA@public.gmane.org)";
>
>
> NamingEnumeration answer = ctx.search( url, "", null );
> {code}
>
> I get:
>
> javax.naming.InvalidNameException: Bad DN :
> ldap://localhost:1024/ou=users,dc=example,dc=com?krb5PrincipalName?sub?(krb5PrincipalName=hnelson-eoiNrCBZWh+uvtTkCOosKA@public.gmane.org)
>
> at
> org.apache.directory.shared.ldap.name.LdapDnParser.parseInternal(LdapDnParser.java:151)
>
> at
> org.apache.directory.shared.ldap.name.LdapDN.<init>(LdapDN.java:197)
>
> Certainly I can work around this by using LdapUrl's getters as
> parameters to my ctx.search#. Should this be supported? Want a JIRA?
You can fill a JIRA asking for CCF to support LdapURL, sure.
Emmanuel
| |
| Alex Karasulu 2007-05-31, 1:11 am |
| On 5/30/07, Emmanuel Lecharny <elecharny-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
>
> Enrique Rodriguez a écrit :
>
>
> Yes, I think we don't support LdapURL in CCF.
SNIP ...
>
> You can fill a JIRA asking for CCF to support LdapURL, sure.
There's a big problem with supporting LdapURL's in the server-side JNDI
provider (w/ CCF based ICF).
You would have to support remote searches in this case or make it so only
localhost or the name
of the localhost is used in the LDAP URL when requesting an initial context..
Remember the server-side JNDI provider mimics a JNDI provider but goes
directly to disk. It is not
intended to be used to contact external servers. It can be but that's
another matter for discussion.
Alex
| |
| Alex Karasulu 2007-05-31, 1:11 am |
| Oh this incidentally is why the PROVIDER_URL is really a DN instead of an
LDAP URL.
Alex
On 5/31/07, Alex Karasulu <akarasulu-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
>
>
>
> On 5/30/07, Emmanuel Lecharny <elecharny-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
>
>
> SNIP ...
>
>
>
>
> There's a big problem with supporting LdapURL's in the server-side JNDI
> provider (w/ CCF based ICF).
> You would have to support remote searches in this case or make it so only
> localhost or the name
> of the localhost is used in the LDAP URL when requesting an initial
> context.
>
> Remember the server-side JNDI provider mimics a JNDI provider but goes
> directly to disk. It is not
> intended to be used to contact external servers. It can be but that's
> another matter for discussion.
>
> Alex
>
>
| |
| Enrique Rodriguez 2007-05-31, 1:11 am |
| On 5/30/07, Alex Karasulu <akarasulu-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
> ...
> There's a big problem with supporting LdapURL's in the server-side JNDI
> provider (w/ CCF based ICF).
> You would have to support remote searches in this case or make it so only
> localhost or the name
> of the localhost is used in the LDAP URL when requesting an initial context.
>
> Remember the server-side JNDI provider mimics a JNDI provider but goes
> directly to disk. It is not
> intended to be used to contact external servers. It can be but that's
> another matter for discussion.
Yeah, I was picturing an empty host and port, for example from RFC 2255:
ldap:///o=University%20of%20Michigan,c=US
Enrique
| |
| Alex Karasulu 2007-05-31, 1:11 am |
| On 5/31/07, Enrique Rodriguez <enriquer9-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> On 5/30/07, Alex Karasulu <akarasulu-1oDqGaOF3Lkdnm+yROfE0A@public.gmane.org> wrote:
> only
> context.
>
> Yeah, I was picturing an empty host and port, for example from RFC 2255:
>
> ldap:///o=University%20of%20Michigan,c=US
Certainly! This is valid as well.
Alex
|
|
|
|
|