This document provides an overview of application development using Spring LDAP. It begins with introducing the presenter and agenda. It then covers JNDI and its drawbacks for LDAP operations. The bulk of the document discusses Spring LDAP, including its features, core concepts like context source and LdapTemplate, and examples of template usage, ODM, and integration testing with LdapUnit. It also shows how Spring LDAP can simplify authentication compared to standard JNDI. The presentation concludes by asking for any other ways Spring LDAP could be improved.

1. Application Development Using
Spring LDAP
Balaji Varanasi

2. About Me

Development Manager

Author

LDAPUnit Creator

3. Agenda

4. JNDI

5. Java LDAP Application Development

6. Java LDAP Development
• JNDI Way Of Development
• Connect to LDAP Server
• Perform LDAP Operations
• Close resources

7. JNDI – Connecting to LDAP
Properties environment = new Properties();
environment.setProperty(DirContext.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
environment.setProperty(DirContext.PROVIDER_URL, "ldap://localhost:11389");
environment.setProperty(DirContext.SECURITY_PRINCIPAL, "cn=Directory Manager");
environment.setProperty(DirContext.SECURITY_CREDENTIALS, "opendj");
DirContext context = new InitialDirContext(environment);

8. JNDI – Performing LDAP Operation
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
searchControls.setReturningAttributes(new String[]{"givenName", "sn",
"telephoneNumber"});
searchResults = context.search(BASE_PATH, "(objectClass=inetOrgPerson)",
searchControls);
while (searchResults.hasMore()) {
SearchResult result = searchResults.next();
Attributes attributes = result.getAttributes();
// Read single valued attributes
String firstName = (String)attributes.get("givenName").get();
String lastName = (String)attributes.get("sn").get();
// Read the multi-valued attribute
Attribute phoneAttribute = attributes.get("telephoneNumber");
String[] phone = new String[phoneAttribute.size()];
NamingEnumeration phoneValues = phoneAttribute.getAll();
for(int i = 0; phoneValues.hasMore(); i++) {
phone[i] = (String)phoneValues.next();
}
}

9. JNDI – Close Resources
if (searchResults != null)
{
searchResults.close();
}
if(context != null)
{
context.close();
}

10. JNDI LDAP Operations Demo

11. What’s wrong with JNDI?
• JNDI Drawbacks
• Plumbing Code
• Explicit Resource Management
• Checked Exceptions

12. Spring LDAP

13. Spring LDAP
“Makes it easier to build Spring-based
applications that use the Lightweight Directory
Access Protocol”

14. Spring LDAP
“Makes it easier to build Spring-based
applications that use the Lightweight Directory
Access Protocol”

15. Spring LDAP
• Rich set of features
–
Template and utility classes
–
Search Filters
–
ODM
–
LDIF Parsing
–
Transaction Management
–
Connection Pooling
–
Unchecked exception hierarchy
• Currently 1.3.2
• 2.0.0 in works

16. Spring LDAP Application Development

17. Spring LDAP Development
• Core Concepts
• Context Source
• LdapTemplate

18. Spring LDAP Development
• Context Source
• Abstracts LDAP Connection
• LdapContextSource implementation

19. LdapTemplate
• Provides Overloaded
• Search
• Lookup
• Bind/Unbind
• Authenticate methods
• Thread safe

20. Spring LDAP Template Demo

21. Integration Testing LDAP Code
• Integration Testing requirements
• Ability to spin up LDAP servers programmatically
• Programmatically start and stop servers
• We need to load data for each set of tests
• Embedded Servers
• Lightweight in nature
• Quick startup time
• Ease of configuration
• OpenDJ/OpenDS, ApacheDS, UnboundID

22. LdapUnit
• Simplifies LDAP Testing
• Supports three embedded servers
• Provides abstraction for other servers to be plugged in
• Puts LDAP Server in a known state
• Works with Spring LDAP or standalone Java code
• Version 0.6.0
•
Code on GitHub: https://github.com/bava/ldapunit

23. LdapUnit Demo

24. Spring LDAP ODM

25. Spring LDAP ODM
• ORM for Databases
• Annotation Driven
• @Entry
• @Id
• @Attribute
• @Transient

26. ODM Demo

27. Spring LDAP ODM
• ORM Differences
• Caching of LDAP Entries not possible
• No XML mapping support
• Lazy loading of Entries not possible

28. What else can we improve?

29. Spring LDAP Authentication
public boolean authenticate(String userid, String password) {
DistinguishedName dn = new DistinguishedName(BASE_DN);
dn.add("uid", userid);
DirContext authenticatedContext = null;
try {
authenticatedContext = contextSource.getContext(dn.toString(), password);
return true;
}
catch(NamingException e) {
e.printStackTrace();
return false;
}
finally {
LdapUtils.closeContext(authenticatedContext);
}
}

30. Spring LDAP Authentication
@Override
public boolean authenticate(String userid, String password) {
return ldapTemplate.authenticate("","(uid=" + userid + ")", password);
}

31. Spring LDAP Authentication
public boolean authenticate(String userid, String password) {
EmployeeAuthenticationErrorCallback errorCallback = new
EmployeeAuthenticationErrorCallback();
boolean isAuthenticated = ldapTemplate.authenticate("","(uid=" + userid + ")",
password, errorCallback);
if(!isAuthenticated) {
System.out.println(errorCallback.getAuthenticationException());
}
return isAuthenticated;
}

32. Questions

33. Thanks!