org.lsc.utils.directory
Class LDAP

java.lang.Object
  org.lsc.utils.directory.LDAP

public class LDAP
extends Object

Utility class that offers useful functions for standard LDAP directories.

Intended for use in the lsc.properties configuration file via the JavaScript Rhino interpreter.

Rationale: the methods in this class have been thought out for repeated calls during a synchronization task, when each method may be called as many times as objects are synchronized. Thus, we attempt to optimize resource utilization.

Author:

Jonathan Clarke

Constructor Summary

LDAP()

Method Summary

static boolean	canBind(String url, String dnToCheck, String passwordToCheck) Connects to a LDAP server anonymously and tries to rebind with the provided DN and password to check.
static boolean	canBind(String url, String bindDn, String bindPassword, String dnToCheck, String passwordToCheck) Connects to a LDAP server using a specific DN and password, then tries to rebind with the provided DN and password to check.
static boolean	canBindSearchRebind(String url, String passwordToCheck) Connects to a LDAP server anonymously, then performs a search to find a DN, then tries to rebind with the provided DN and password to check authentication.
static boolean	canBindSearchRebind(String url, String bindDn, String bindPassword, String passwordToCheck) Connects to a LDAP server using a specific DN and password, then performs a search to find a DN, then tries to rebind with the provided DN and password to check authentication.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LDAP

public LDAP()

Method Detail

canBind

public static boolean canBind(String url,
                              String dnToCheck,
                              String passwordToCheck)
                       throws NamingException

Connects to a LDAP server anonymously and tries to rebind with the provided DN and password to check.

Parameters:

url - URL of the LDAP server to connect to, e.g. "ldap://ldap.example.com/". If this URL starts with "ldaps" a secure connection will be used.

dnToCheck - Distinguished Name (DN) to check the bind with.

passwordToCheck - Password to check the bind with.

Returns:

true if the bind succeeds, false if the bind fails

Throws:

NamingException - any exceptions that occur during connection, other than bind failures

canBind

public static boolean canBind(String url,
                              String bindDn,
                              String bindPassword,
                              String dnToCheck,
                              String passwordToCheck)
                       throws NamingException

Connects to a LDAP server using a specific DN and password, then tries to rebind with the provided DN and password to check.

Parameters:

url - URL of the LDAP server to connect to, e.g. "ldap://ldap.example.com/". If this URL starts with "ldaps" a secure connection will be used.

bindDn - DN to bind to the server with. If null, binds anonymously.

bindPassword - Password to bind to the server with.

dnToCheck - Distinguished Name (DN) to check the bind with.

passwordToCheck - Password to check the bind with.

Returns:

true if the bind succeeds, false if the bind fails

Throws:

NamingException - any exceptions that occur during connection, other than bind failures

canBindSearchRebind

public static boolean canBindSearchRebind(String url,
                                          String passwordToCheck)
                                   throws NamingException,
                                          MalformedURLException

Connects to a LDAP server anonymously, then performs a search to find a DN, then tries to rebind with the provided DN and password to check authentication.

Parameters:

url - URL of the LDAP server to connect to and search parameters, e.g. "ldap://ldap.example.com/dc=example,dc=com??sub?(uid=nportman)" . If this URL starts with "ldaps" a secure connection will be used. This URL must include the search filter, and may include the search scope, which defaults to "sub".

passwordToCheck - Password to check the bind with.

Returns:

true if the search finds exactly one user and the bind succeeds, false if the bind fails

Throws:

NamingException - any exceptions that occur during connection, other than bind failures and no search results

MalformedURLException - If the search URL is malformed.

canBindSearchRebind

public static boolean canBindSearchRebind(String url,
                                          String bindDn,
                                          String bindPassword,
                                          String passwordToCheck)
                                   throws NamingException,
                                          MalformedURLException

Connects to a LDAP server using a specific DN and password, then performs a search to find a DN, then tries to rebind with the provided DN and password to check authentication.

Parameters:

url - URL of the LDAP server to connect to and search parameters, e.g. "ldap://ldap.example.com/dc=example,dc=com??sub?(uid=nportman)" . If this URL starts with "ldaps" a secure connection will be used. This URL must include the search filter, and may include the search scope, which defaults to "sub".

bindDn - DN to bind to the server with. If null, binds anonymously.

bindPassword - Password to bind to the server with.

passwordToCheck - Password to check the bind with.

Returns:

true if the search finds exactly one user and the bind succeeds, false if the bind fails

Throws:

NamingException - any exceptions that occur during connection, other than bind failures and no search results

MalformedURLException - If the search URL is malformed.