Accessing LDAP requires a suitable client component. A standard JDK™ or JRE™ ships with a JNDI provider. The API however requires a lot of boilerplate code.
Ldaptive
offers a promising client provider API. Start a
Maven based Eclipse
project which reads your own HdM LDAP data being
provided by the MI replica server
ldap1.mi.hdm-stuttgart.de.
This server allows for retrieving all attributes belonging to your personal records. Thus an authenticated bind using your HdM credentials is mandatory. Use TLS to prevent password sniffing!
Tip
-
Read the quick start guide and consult the Ldaptive API.
-
Using Ldaptive may be accomplished by adding the following Maven dependencies to your project's
pom.xmlfile:<project xmlns="http://maven.apache.org/POM/4.0.0" ... > <properties> <slf4j.version>find my current version on Maven central</slf4j.version> ... </properties> <dependencies> <dependency> <groupId>org.ldaptive</groupId> <artifactId>ldaptive</artifactId> <version>find my current version on Maven central</version> </dependency> <dependency> <!-- required for ldaptive's internal logging --> <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> <version>${slf4j.version}</version> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-simple</artifactId> <version>${slf4j.version}</version> </dependency> ... -
Follow How To Configure Simple Logger slf4j Log Levels avoiding unrelated Ldaptive logging info.
The expected output with respect to the given initial data should resemble:
ou=departments,dc=betrayer,dc=com
ou: {departments}
objectClass: {top, organizationalUnit}
-------------------------------------------------------
ou=software,ou=departments,dc=betrayer,dc=com
ou: {software}
objectClass: {top, organizationalUnit}
-------------------------------------------------------
ou=devel,ou=software,ou=departments,dc=betrayer,dc=com
ou: {devel}
objectClass: {top, organizationalUnit}
-------------------------------------------------------
uid=bean,ou=devel,ou=software,ou=departments,dc=betrayer,dc=com
uid: {bean}
mail: {bean@betrayer.com}
givenName: {Jim}
cn: {Jim Bean}
sn: {Bean}
objectClass: {top, person, organizationalPerson, inetOrgPerson, posixAccount}
userPassword: {{smd5}aXJ/beVAvL4D6Oi0TKp8c3z/a6Pg0Wxp}
gidNumber: 1000
homeDirectory: /home/bean
uidNumber: 1000
-------------------------------------------------------
ou=testing,ou=software,ou=departments,dc=betrayer,dc=com
ou: {testing}
objectClass: {top, organizationalUnit}
-------------------------------------------------------
ou=financial,ou=departments,dc=betrayer,dc=com
ou: {financial}
objectClass: {top, organizationalUnit}
...Remarks:
-
Descend a given arbitrary LDAP tree recursively.
-
Indent according to each entries hierarchy level. In the above example
ou=software,ou=departments,dc=betrayer,dc=combeing a child ofou=departments,dc=betrayer,dc=comreceives an extra indent. -
Mind single and multi valuedness of attributes: In the above example
mail: {bean@betrayer.com}is multivalued in contrast tohomeDirectory: /home/bean. The brace pairs {...} denote attribute sets. The server's schema information is your friend. Consider the following hints:ConnectionFactory factory = DefaultConnectionFactory ... ; Schema schema = SchemaFactory.createSchema(factory); ... schema.getAttributeType(...).isSingleValued() ...
