Announcement Announcement Module
No announcement yet.
Connect to LDAP service via "JNDI resource"? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Connect to LDAP service via "JNDI resource"?

    I want to contact a remote LDAP service (a corporate directory) from inside an EAR on IBM WebSphere 6.0, but I am not allowed to know about the connection parameters like URL, base and userDN / PW. LDAP is not used for authentication or authorization purposes, it simply serves as an information source for lookup operations.

    In fact this is much like usual pooled J2EE JDBC access, where you fetch a JDBC data source via JNDI. The application only must know about the JNDI name (which in fact may be supplied during deployment), and the data source connection parameters are configured inside the Application Server configuration. The developer can configure its own DB setup, which may differ from staging and production systems even in DB type in some scenarios.

    Now we have Spring LdapTemplate which is built similar to JdbcTemplate. Like the DataSource for JdbcTemplate, we have a ContextSource for the LdapTemplate.

    For JdbcTemplate, you can configure a org.springframework.jndi.JndiObjectFactoryBean to deliver a DataSource fetched from JNDI to the JdbcTemplate.

    What I imagine now is to have the org.springframework.jndi.JndiObjectFactoryBean contacting some JNDI resource delivering a ContextSource fetched from JNDI to the LdapTemplate.

    To get this, there should be some "LDAP resource provider factory" or the like which may be named and configured inside the application server as arbitrary JNDI "resource". It must be able to receive connection parameters like LDAP service URL, LDAP base, userDN etc. by configuration API of the server, just like usual JDBC data source factories.

    Does anyone know how to achieve this -- and can tell me?

    Of course I would be happy if there is a less complex way to externalize LDAP connection parameters away from my application and have them configurable by the production deployment team in some way.


  • #2
    I am facing the same requirement.

    I have looked at implementing a "resource adapter", following the J2EE Connector Architecture specs. It seems to me that I need to write classes that implement the interfaces from javax.resource - ManagedConnection, ManagedConnectionFactory, ManagedConnectionMetaData, ResourceAdapter - and the ManagedConnectionFactory would then pass a 'connection', in this case a DirContext, to a DAO, which could then use it to perform actions against an LDAP source.

    Does anyone have any thoughts on this?
    Does this seem like to correct way to go?

    Any help would be greatly appreciated.




    • #3
      Please add news also to the following thread if something new happens here: