Announcement Announcement Module
No announcement yet.
Stripping base DN Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Stripping base DN

    Hi all,

    I'm using <tempate>.lookup, and found it expects the remaining part of the dn (dn minus the base DN specified on the contextSource). I wrote this little bit of code to do the stripping, but I'd appreciate any suggestions for doing this in a simpler (but still robust) way.

    private String removeBaseDn(String dn) {
            DistinguishedName baseDn = ((LdapContextSource) contextSource).getBaseLdapPath();
            DistinguishedName name = new DistinguishedName(dn);
            List<LdapRdn> finalDn = new ArrayList<LdapRdn>();
            for (Object o : name.getNames()) {
                LdapRdn rdn = (LdapRdn) o;
                if (!baseDn.getNames().contains(rdn)) {
            return new DistinguishedName(finalDn).toString();
    I guess a regex would probably work, but it seems less precise.

  • #2
    Your code will probably not work - it's quite possible for the same rdn to be in two places of the same dn, which means that you will possibly remove things in the middle of the dn. Consider for instance the dn
    cn=john doe, o=myorganization, c=SE, o=myorganization, o=com
    and the base DN
    o=myorganization, o=com

    Either way, IMO you shouldn't use the ContextSource for getting the base LDAP path. Implement BaseLdapPathAware and define a BaseLdapPathBeanPostProcessor in your context and the base LDAP path will be supplied to you on initialization. Stripping the base path from a DN is easy using DistinguishedName:
    public class MyClass implements BaseLdapPathAware{
      private DistinguishedName basePath;
      public void setBaseLdapPath(DistinguishedName basePath){
        this.basePath = basePath;
      public String removeBaseDn(String dn){
        DistinguishedName strippedDn = new DistinguishedName(dn);
        return strippedDn.toString();
    DistinguishedName.removeFirst(dn) will remove the specified dn from the beginning of the dn if it starts with that sequence (note that a DN is read right to left).
    Last edited by rasky; Jan 5th, 2008, 04:12 AM.


    • #3
      Thanks Matthias.

      The reason I'm doing this is to lookup users who are linked via a DN specified in the "manager" field (part of the InetOrgPerson schema). I'm not sure how else one would go about doing this, as a sample value for "manager" might be:

      uid=foobie, ou=People, dc=foocorp, dc=com

      I need to use that value to lookup another user, but lookup expects simply "uid=foobie" as its DN.