LDAP

Attributes

URI:	http://www.xmlpipe.org/xpe/util/filter/ldap
Type:	filter
Namespace:	http://www.xmlpipe.org/xpe/ldap
Owner:	http://www.xmlpipe.org/xpe/util

Description

This filter allows XPE pipelines to communicate with a LDAP server and perform search against the LDAP server. This filter consumes elements within its namespace and leaves all other elements untouched.

Elements

Element name

Description

l:context

Main outer element. This element is mandatory and specifies how a LDAP connection is established.

Attributes

Attribute name	Description
uri	Specifies the URI of a LDAP server. For example, ldap://localhost:389
principal	Specifies an security principal. For example, principal="cn=Manager,dc=example,dc=com,dc=au"
credentials	This is the basically the password of the principal. For example, credentials="secret". Depending on your server, you can specify an encrypted password, for example, credentials="{crypt}ijFYNcSNctBYg"
securityProtocol	Specifies the security protocol in establishing a connection. For example, "ssl". If unspecified, this is determined by the LDAP server.
securityAuthentication	Only three values are accepted:"none","simple","strong". If unspecified, this is determined by the LDAP server.
contextFactory	Specifies the context factory. Default to "com.sun.jndi.ldap.LdapCtxFactory".

Example

   <l:context uri="ldap://localhost" principal="cn=Manager,dc=example,dc=com,dc=au" credentials="secret" xmlns:l="http://www.xmlpipe.org/xpe/ldap" >
      ...
   </l:context>

l:search

The search element defines a query to be performed against the LDAP server.

Attributes

Attribute name	Description
context	The context of the server. For example, "dc=example,dc=com,dc=au".
filter	The search filter as defined in RFC2254.
scope	Search scope. Only two values are accepted: "onelevel" or "subtree". If the value is "onelevel", it will only search entries in the current context. If the value is "subtree", it will search sub-trees in the current context.
matchingAttribues	If specified, only those attributes specified in this attributed will be listed. To specify matching attributes, list them and separate them with "," .
limit	The limit attribute can be used to specify how many entries to limit the result set to. If omitted it defaults to 10.
timeLimit	Time to wait for a connection before giving up in ms. Default to 50000.

Example

   <l:context uri="ldap://localhost" principal="cn=Manager,dc=example,dc=com,dc=au" credentials="secret" xmlns:l="http://www.xmlpipe.org/xpe/ldap" >
      <l:search scope="subtree" context="dc=example,dc=com,dc=au" filter="(objectclass=*)" matchingAttributes="uid,description" />
   </l:context>

The output of the filter generates an XML fragment with the following structure :

Example

   <l:result xmlns:l="http://www.xmlpipe.org/xpe/ldap" >
      <l:entry name="entry name" >
         <l:attribute name="attribute name" value="attribute value" />
         *
      </l:entry>
      *
   </l:result>

The root element is l:result, which contains zero or more l:entry elements. Each l:entry element has zero or more attribute elements. For example,

Example

   <l:result xmlns:l="http://www.xmlpipe.org/xpe/ldap" >
      <l:entry name="" >
         <l:attribute name="description" value="Example Pty Ltd a sample company" />
      </l:entry>
      <l:entry name="ou=group" >
         <l:attribute name="description" value="Groups in example" />
      </l:entry>
      <l:entry name="ou=people" >
         <l:attribute name="description" value="People accounts" />
      </l:entry>
      <l:entry name="uid=root,ou=people" >
         <l:attribute name="uid" value="root" />
      </l:entry>
      <l:entry name="uid=oscarp,ou=people" >
         <l:attribute name="uid" value="oscarp" />
      </l:entry>
      <l:entry name="uid=bobd,ou=people" >
         <l:attribute name="uid" value="bobd" />
      </l:entry>
   </l:result>