LDAP and Java Naming Services

Murali. M .Nagendranath


Contents

  • LDAP (Lightweight Directory Access Protocol)

  • JNDI (Java Naming & Directory Interface)

  • Demonstration


LDAP

  • What is LDAP?

  • History of LDAP

  • Directories in LDAP

  • Use and purpose of LDAP


What is LDAP?

  • A standard, extensible directory protocol.

  • A protocol giving access to the information contained in the directory.

  • Model of Information – Type of data.

  • Functional Model – Access to information.

  • Security Model – How access is protected.

  • Model of duplication - Distribution of data.

  • Replication Service.


A Brief History

  • LDAP was born from the need to adapt the DAP protocol to TCP/IP.

  • Started at the University of Michigan in 1993 with the same vision as X.500

  • Latest version, v3, was made in 1997

  • Netscape is now the center of research


X.500 & LDAP

  • LDAP is less secure than X.500

  • Still a large amount of compatibility between them

  • The ability to search across servers is LDAP’s most important advantage.


Directories

  • Often compared to a phone book

  • DNS is an example

  • Can be used locally or globally

  • The list of all the names in a directory is its name space


Directories in LDAP

  • Each entry has a unique distinguished name (DN), which is a succession of attributes.

  • An attribute describes a characteristic of an object.

  • Normal attributes.

  • Operational attributes.

  • Characteristics of attributes

  • Name, mono/multi, limit of value.

  • DNs are made up of the location of something in the directory


Directories in LDAP: Examples

  • c stands for the country, o stands for organization

  • ou stands for organization units, cn is for individuals

  • cn=john, ou=administration, o=ibm, c=usa

  • o=ibm, c=usa

  • These are distinguished names.

  • Together these combinations specify something specific, although it need not be at the bottom level
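The DN structure above can be inspected with the javax.naming.ldap classes, which also show why a DN should be built from typed RDNs rather than by string concatenation. This is an added example, not part of the original presentation; the class DnExample, the helper personDn and the sample input are constructed for illustration.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class DnExample {
    // Hypothetical helper: DN of a person entry directly below baseDn.
    // Rdn(type, value) treats the value as data and escapes it when the DN is printed.
    static LdapName personDn(LdapName baseDn, String commonName) throws InvalidNameException {
        LdapName dn = (LdapName) baseDn.clone();
        dn.add(new Rdn("cn", commonName));
        return dn;
    }

    public static void main(String[] args) throws InvalidNameException {
        LdapName john = new LdapName("cn=john, ou=administration, o=ibm, c=usa");
        LdapName ibm = new LdapName("o=ibm, c=usa");

        // Index 0 is the rightmost RDN (c=usa); the entry's own RDN comes last.
        for (int i = 0; i < john.size(); i++) {
            Rdn rdn = john.getRdn(i);
            System.out.println(i + ": " + rdn.getType() + " = " + rdn.getValue());
        }
        // "o=ibm, c=usa" is an ancestor of john's entry.
        System.out.println("under o=ibm: " + john.startsWith(ibm));

        // Constructed input containing DN syntax characters.
        String input = "john, ou=other";

        // String concatenation lets the input add a level to the tree.
        LdapName concatenated = new LdapName("cn=" + input + ", o=ibm, c=usa");
        // Building the RDN from type and value keeps the input a single cn value.
        LdapName built = personDn(ibm, input);

        for (LdapName dn : new LdapName[] {concatenated, built}) {
            // The parent is the DN without its last (most specific) RDN.
            boolean directChild = dn.getPrefix(dn.size() - 1).equals(ibm);
            System.out.println(dn + " -> " + dn.size() + " RDNs, directly below o=ibm: " + directChild);
        }
    }
}
```

The concatenated DN parses as four RDNs whose parent is no longer o=ibm, c=usa, while the DN built from an Rdn stays a three-RDN entry directly below it.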


Directories in LDAP: Picture


Directories in LDAP

  • Although that is the most common structure in LDAP, it is possible to define your own directory structure, such as a flat tree structure.

  • This can cause compatibility problems


Functions in LDAP

  • 4 main commands in editing LDAP directories:

    • Add, delete, modify & modify DN

  • Modify changes the whole directory entry; modify DN just changes the name of the entry


Functions in LDAP: Modify DN example

  • Given a file /tmp/entrymods containing:

    cn=Modify Me, o=University of Florida, c=US
    cn=The New Me

    The command: ldapmodrdn -r -f /tmp/entrymods

    will change the RDN of the "Modify Me" entry from "Modify Me" to "The New Me", and the old cn, "Modify Me", will be removed


Functions in LDAP: Delete Example

  • ldapdelete "cn=Delete Me, o=University of Florida, c=US"

    will attempt to delete the entry named with commonName "Delete Me" directly below the University of Florida organizational entry.


Functions in LDAP: Modify Example

    dn: cn=Modify Me, o=University of Florida, c=US
    changetype: modify
    replace: mail
    mail: Dr [email protected]
    -
    add: title
    title: Grand OCEAN
    -
    delete: description


Functions in LDAP: Modify Example (cont.)

The above function will replace the contents of the "Modify Me" entry's mail attribute with the value "Dr [email protected]", add a title of "Grand OCEAN", and completely remove the description attribute.

  • The add function works almost the same as modify.


Referral Scheme


Referral Scheme (contd.)

  • Client requests information

  • Server 1 returns referral to server 2

  • Client resends request to server 2

  • Server 2 returns information to client


LDIF & its Uses

  • LDAP Data Interchange Format

  • Represents LDAP entries in text

  • Human readable format

  • Allows easy modification of data

  • To make basic imports/exports.


    SCHEMAS

    • Schema contains the following:

    • Required attributes

    • Allowed attributes

    • How to compare attributes

    • Limit what the attributes can store, i.e., restrict to integer, etc.

    • Set of rules that describes what kind of data is stored

    • Helps maintain consistency and quality of data

    • Reduces duplication of data


    Why is LDAP Important?

    • Provides a standard for finding people or resources

    • Very different from web searches, which are simply pattern matching

    • Quickly becoming popular with major companies, e.g., Netscape, Novell

    • Vendor independent open protocol


    What isn’t LDAP intended for?

    • Not useful as a local database

    • Not able to replace file systems

    • Not meant to replace DNS, but it can work in conjunction with DNS


    LDAP on the web

    • There are many web based LDAP servers that can be called in programs or searched directly via the web

    • Used behind the scenes at online shopping sites and other web sites

    • Used by Netscape for its email address book


    JNDI

    • What is JNDI?

    • Setup

    • Concepts & Classes


    What is JNDI?

    • Java Naming and Directory Interface API

    • Introduced in March, 1997 by Sun Microsystems

    • Purpose: to provide common access to different types of directories


    What is JNDI?


    Packages

    • javax.naming

    • javax.naming.directory

    • javax.naming.event

    • javax.naming.ldap

    • javax.naming.spi


    Class: Context

    • Methods:

      • bind(String name, Object obj);

      • close();

      • list(String name);

      • listBindings(String name);

      • lookup(String name); // most commonly used

      • rebind(String name, Object obj);

      • rename(String oldName, String newName);

      • unbind(String name);


    Class: DirContext

    • Extends Context

    • methods:

      • getAttributes(String name);

      • modifyAttributes(String name, ModificationItem[] mods);

      • search(String name, Attributes matchAttrs);


    Classes: InitialContext & InitialDirContext

    • All operations are performed relative to an initial context

    • set environment properties

      • Location of server (PROVIDER_URL)

      • How to create a context (INITIAL_CONTEXT_FACTORY)

    • instantiation may throw a NamingException


    Summary

    • LDAP is useful for finding people and/or resources over a network

    • Searches directories using distinguished names

    • JNDI provides common access to directories of different types


    Demo

    • Retrieving an object’s attributes

    • Searching the directory by supplying a name


    1. Retrieving an object’s attributes

    import java.util.Hashtable;
    import javax.naming.*;
    import javax.naming.directory.*;

    // Environment for the initial context: provider class and server URL
    Hashtable<String, Object> env = new Hashtable<>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://directory.ufl.edu:389/o=ufl,c=us");
    try {
        DirContext ctx = new InitialDirContext(env);
        // Get the attributes associated with the object bound to the name "ou=students"
        Attributes answer = ctx.getAttributes("ou=students");


    1. Retrieving an object’s attributes (cont…)

        // Print out the attributes
        printIdAndValue(answer);
        System.out.println("-------------------------------------------");
        ctx.close();
    } catch (NamingException e) {
        System.err.println("Exception caught:" + e);
    }


    The print method

    static void printIdAndValue(Attributes toPrint) {
        try {
            // "enum" is a reserved word in current Java, so the enumeration is named attrs
            NamingEnumeration<? extends Attribute> attrs = toPrint.getAll();
            while (attrs.hasMore()) {
                Attribute attr = attrs.next();
                // print out the attribute identifier
                System.out.println("attribute: " + attr.getID());
                // print out each value
                NamingEnumeration<?> values = attr.getAll();
                while (values.hasMore()) {
                    System.out.println("value: " + values.next());
                }
            }
        } catch (NamingException e) {
            System.err.println("Exception caught: " + e);
        }
    }


    2. Name search

    DirContext ctx = new InitialDirContext(env);
    Attributes matchAttrs = new BasicAttributes(true);
    matchAttrs.put(new BasicAttribute("sn", "King"));
    /* The above code adds an attribute to the set; could also have done
       Attributes matchAttrs = new BasicAttributes("sn", "King", true);
       Note: true = case insensitive; false = case sensitive */
    // Note: a search returns an enumeration of SearchResult objects
    NamingEnumeration<SearchResult> results = ctx.search("ou=students", matchAttrs);


    2. Name search (cont…)

    while (results.hasMore()) {
        // Get the next SearchResult object & print out its name
        SearchResult result = results.next();
        System.out.println(">>>" + result.getName());
        Attributes attrSet = result.getAttributes(); // attrSet is a set of attributes
        // print the attribute identifiers and values
        printIdAndValue(attrSet);
    }
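
The referral scheme and the InitialDirContext environment properties described earlier meet when the client decides for itself which referrals to follow. The following is an added example, not code from the presentation: it runs the same name search over ldaps:// with Context.REFERRAL set to "throw" and follows a referral only to an allowlisted host. The host names, base DN and TRUSTED_HOSTS set are placeholders.

```java
import java.net.URI;
import java.util.Hashtable;
import java.util.Set;
import javax.naming.*;
import javax.naming.directory.*;

public class VettedReferralSearch {
    // Hypothetical allowlist: the only servers this client accepts a referral to.
    static final Set<String> TRUSTED_HOSTS = Set.of("directory.example.org", "directory2.example.org");

    // Accept a referral only if it is an ldaps:// URL naming an allowlisted host.
    static boolean isTrusted(Object referralInfo) {
        try {
            URI uri = URI.create(String.valueOf(referralInfo));
            return "ldaps".equalsIgnoreCase(uri.getScheme()) && uri.getHost() != null
                    && TRUSTED_HOSTS.contains(uri.getHost().toLowerCase());
        } catch (IllegalArgumentException e) {
            return false; // unparseable referral URL: do not follow
        }
    }

    public static void main(String[] args) throws NamingException {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldaps://directory.example.org:636/o=example,c=us"); // placeholder
        env.put(Context.REFERRAL, "throw"); // raise ReferralException instead of following silently
        DirContext ctx = new InitialDirContext(env);
        Attributes matchAttrs = new BasicAttributes("sn", "King", true);
        boolean more = true;
        while (more) {
            try {
                NamingEnumeration<SearchResult> results = ctx.search("ou=students", matchAttrs);
                while (results.hasMore()) {
                    System.out.println(results.next().getName());
                }
                more = false; // finished with no outstanding referral
            } catch (ReferralException e) {
                // Server 1 returned a referral: vet it before resending the request.
                if (!isTrusted(e.getReferralInfo())) {
                    System.err.println("Refusing referral to " + e.getReferralInfo());
                    more = e.skipReferral(); // move on to the next referral, if any
                }
                if (more) {
                    ctx = (DirContext) e.getReferralContext(); // resend to server 2
                }
            }
        }
        ctx.close();
    }
}
```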


    THANK YOU.
