Announcement Announcement Module
Collapse
No announcement yet.
attrs="objectClass" needed from ldapTemplate.search Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • attrs="objectClass" needed from ldapTemplate.search

    I have the following code to do a subtree scope search:

    Code:
       tpinList = ldapTemplate.search("ou=identities","TAPexternalKey="+externalKey,2,new TPINAttributesMapper());
    This is my TPINAttributesMapper

    Code:
    private static class TPINAttributesMapper
                implements AttributesMapper {
            public Object mapFromAttributes(Attributes attrs)
            throws NamingException {
                Integer tpin;
                
               tpin = (Integer)attrs.get("uid").get();
                
                return tpin;
            }
    the result in my log is:

    SRCH base="ou=identities,o=tap" scope=2 filter="(TAPexternalKey=698574865)" attrs=ALL
    but apparently I need it to end up as:

    SRCH base="ou=identities,o=tap" scope=2 filter="(TAPexternalKey=698574865)" attrs="objectClass"
    I don't really understand this. But that's what I get when I do a search with a gui tool.

    I'd appreciate an explaination (I'm very new to LDAP). And how do I change my call to search?
    Last edited by bdrhoa; Aug 11th, 2006, 07:35 AM.

  • #2
    I'm not sure that I understand your problem. If I understand correctly you want to retrieve the 'uid' attribute of a specific entry, right? That's what your code seems to be doing.

    When you execute the search using LdapTemplate all the attributes of the found entries are passed on to your AttributesMapper implementation. Your AttributesMapper handles the attributes you are interested in and the rest are just ignored. If you do want to handle the 'objectclass' attribute, do that in your AttributesMapper. That won't change the output in the LDAP server log, but I wouldn't worry about that.

    Comment


    • #3
      My problem is I'm not getting any data back from ldaptemplate. When I make the same request (TAPexternalKey=320740168) in the gui, I get data back. The only difference I can see is the with gui I get attrs="objectClass" and ldtaptemplate I get attrs=ALL.

      As I wrote that, I noticed that the other difference is the gui has quotes around the attrs value ("objectClasss") and ldaptemplate doesn't (ALL). Could that be the problem?

      BTW - I'm using Sun LDAP.

      Comment


      • #4
        It could be any number of things, but a wild guess could be that access control is playing a trick on you. If your LDAP server requires authentication for read-only access you'll need to set the authenticatedReadOnly property in your ContextSource to 'true'.

        The log output suggests that the searches are identical, the 'attrs' shouldn't matter in this case.

        Comment


        • #5
          That was it! My applicationcontext.xml now looks like this:

          Code:
          <?xml version="1.0" encoding="UTF-8"?>
          <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
          <beans>
             <bean id="contextSource"
                class="net.sf.ldaptemplate.support.LdapContextSource">
                <property name="url" value="ldap://myldap.com:14000" />
                <property name="base" value="o=tap" />
                <property name="userName" value="uid=ldapuserid, ou=Service Accounts, ou=Principals,o=tap" />
                <property name="password" value="xxxx" />
                <property name="authenticatedReadOnly" value="true" />
             </bean>
             
             <bean id="ldapTemplate"
                class="net.sf.ldaptemplate.LdapTemplate">
                <constructor-arg ref="contextSource" />
             </bean>
             
              <bean id="tpinBean" 
                  class="com.tap.tpin.TPINImpl">
                  <property name="ldapTemplate" ref="ldapTemplate" />        
              </bean>
          </beans>

          Comment


          • #6
            That helped me, too. Thanks for including it.

            Also: noted that the "user" name I'm authenticating with needs to be the distinguished name, not just the short name suggested by the example in the PDF.

            BTW, I'm on OpenLDAP. Cheers.

            Comment

            Working...
            X