directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r840731 - in /websites/staging/directory/trunk/content: ./ api/user-guide/1-introduction.html api/user-guide/1.1-java-and-ldap.html api/user-guide/2.1-connection-disconnection.html api/user-guide/2.2-binding-unbinding.html
Date Tue, 04 Dec 2012 15:31:45 GMT
Author: buildbot
Date: Tue Dec  4 15:31:43 2012
New Revision: 840731

Log:
Staging update by buildbot for directory

Added:
    websites/staging/directory/trunk/content/api/user-guide/2.1-connection-disconnection.html
    websites/staging/directory/trunk/content/api/user-guide/2.2-binding-unbinding.html
Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/api/user-guide/1-introduction.html
    websites/staging/directory/trunk/content/api/user-guide/1.1-java-and-ldap.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Tue Dec  4 15:31:43 2012
@@ -1 +1 @@
-1416887
+1416994

Modified: websites/staging/directory/trunk/content/api/user-guide/1-introduction.html
==============================================================================
--- websites/staging/directory/trunk/content/api/user-guide/1-introduction.html (original)
+++ websites/staging/directory/trunk/content/api/user-guide/1-introduction.html Tue Dec  4
15:31:43 2012
@@ -129,6 +129,13 @@
 <h1 id="1-introduction">1 - Introduction</h1>
 <p>This User Guide goal is to provide some clue for any developer wanting to use the
LDAP API. We have mixed some description of each important features with some tested snippet
of code (all of them has been integrated as tests in the API code).</p>
 <p>We hope it will be enough for you to quickly get started, but in any case, if you
feel like improving this document, feel free to post your suggestion to the Apache Directory
mailing list : any contribution is welcomed !</p>
+<h2 id="contents">Contents</h2>
+<ul>
+<li><a href="1.1-java-and-ldap.html">1.1 - Java and LDAP</a></li>
+<li><a href="1.2-ldap-in-a-few-words.html">1.2 - LDAP in a few words</a></li>
+<li><a href="1.3-apache-ldap-api-rational.html">1.3 - The Apache LDAP API rational</a></li>
+<li><a href="1.4-preparation-to-code.html">1.4 - Preparation to code</a></li>
+</ul>
 
 
     <div class="nav">

Modified: websites/staging/directory/trunk/content/api/user-guide/1.1-java-and-ldap.html
==============================================================================
--- websites/staging/directory/trunk/content/api/user-guide/1.1-java-and-ldap.html (original)
+++ websites/staging/directory/trunk/content/api/user-guide/1.1-java-and-ldap.html Tue Dec
 4 15:31:43 2012
@@ -127,22 +127,22 @@
 
 
 <h1 id="11-java-and-ldap">1.1 - Java and LDAP</h1>
-<p>Most developer will, at some point, face the tricky task to communicate with a LDAP
server. LDAP seems to be a very simple technology, but when you get deep into it, you realize
that many aspects are not well known, and not so easy to deal with.</p>
-<p>Java is most certainly the number one language used in the enterprise, for around
10 years now. Some even call it the new Cobol !</p>
-<p>Those two facts make it necessary to be able to communicate with a LDAP server in
Java. This is ware a convenient API is useful, and this is why we decided to provide this
API.</p>
-<p>Of course, there are alternatives, like JNDI. We truly believe that those alternative
aren't helping users to cope with the complexity of LDAP, at least they are not giving a hand
to users. For instance, JNDI semantic are far awy from *LDAP semantic. Let's see how different
it is :</p>
+<p>Most developer will, at some point, face the tricky task to communicate with a <strong>LDAP</strong>
server. <strong>LDAP</strong> seems to be a very simple technology, but when you
get deep into it, you realize that many aspects are not well known, and not so easy to deal
with.</p>
+<p>Java is most certainly the number one language used in the enterprise, for around
10 years now. Some even call it the new <strong>Cobol</strong> !</p>
+<p>Those two facts make it necessary to be able to communicate with a <strong>LDAP</strong>
server in <strong>Java</strong>. This is ware a convenient <strong>API</strong>
is useful, and this is why we decided to provide this <strong>API</strong>.</p>
+<p>Of course, there are alternatives, like <strong>JNDI</strong>. We truly
believe that those alternative aren't helping users to cope with the complexity of <strong>LDAP</strong>,
at least they are not giving a hand to users. For instance, <strong>JNDI</strong>
semantic are far awy from <strong>LDAP</strong> semantic. Let's see how different
it is :</p>
 <ul>
-<li>Bind : used in LDAP to authenticate a user, and to create an entry in JNDI</li>
-<li>Unbind : close the LDAP session in LDAP, delete an entry in JNDI</li>
-<li>Compare : this LDAP operation is mapped to a Search in JNDI</li>
-<li>Various properties have to be set in JNDI in order to connect or tweak the Search
operation, which is not convenient</li>
-<li>Attributes is case sensitive by default in JNDI, and they aren't schema aware</li>
-<li>Name in JNDI are not able to do a valid comparison in JNDI</li>
-<li>NamingEnumeration have to be explcitly closed in JNDI, as they aren't closed when
you disconnect, leading to some resource leaks.</li>
+<li><strong>Bind</strong> : used in <strong>LDAP</strong> to
authenticate a user, and to create an entry in <strong>JNDI</strong></li>
+<li><strong>Unbind</strong> : close the <strong>LDAP</strong>
session in <strong>LDAP</strong>, delete an entry in <strong>JNDI</strong></li>
+<li><strong>Compare </strong>: this <strong>LDAP</strong> operation
is mapped to a Search in <strong>JNDI</strong></li>
+<li>Various properties have to be set in <strong>JNDI</strong> in order
to connect or tweak the <strong>Search</strong> operation, which is not convenient</li>
+<li><strong>Attributes</strong> is case sensitive by default in <strong>JNDI</strong>,
and they aren't schema aware</li>
+<li><strong>Name</strong> in <strong>JNDI</strong> are not
able to do a valid comparison in <strong>JNDI</strong></li>
+<li><strong>NamingEnumeration</strong> have to be explcitly closed in <strong>JNDI</strong>,
as they aren't closed when you disconnect, leading to some resource leaks.</li>
 </ul>
-<p>Some of those problems are also true for the existing LDAP API.</p>
-<p>All in all, writing application including some LDAP operations in Java is just a
painful task for most of the developers.</p>
-<p>Our target is to provide a better API, that will help them getting efficient with
their LDAP interaction.</p>
+<p>Some of those problems are also true for the existing <strong>LDAP API</strong>.</p>
+<p>All in all, writing application including some <strong>LDAP</strong>
operations in <strong>Java</strong> is just a painful task for most of the developers.</p>
+<p>Our target is to provide a better <strong>API</strong>, that will help
them getting efficient with their <strong>LDAP</strong> interaction.</p>
 
 
     <div class="nav">

Added: websites/staging/directory/trunk/content/api/user-guide/2.1-connection-disconnection.html
==============================================================================
--- websites/staging/directory/trunk/content/api/user-guide/2.1-connection-disconnection.html
(added)
+++ websites/staging/directory/trunk/content/api/user-guide/2.1-connection-disconnection.html
Tue Dec  4 15:31:43 2012
@@ -0,0 +1,196 @@
+<!DOCTYPE html>
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+<html>
+	<head>
+		<title>2.1 - Connection and disconnection &mdash; Apache Directory</title>
+		
+	    <link href="./../../css/common.css" rel="stylesheet" type="text/css">
+	    <link href="./../../css/brown.css" rel="stylesheet" type="text/css">
+    
+	</head>
+	<body>
+	    <div id="container">
+            <div id="header">
+                <div id="subProjectsNavBar">
+                    <a href="./../../">
+                        
+                        Apache Directory Project
+                        
+                    </a>
+                    &nbsp;|&nbsp;
+                    <a href="./../../apacheds">
+                        
+                        ApacheDS
+                        
+                    </a>
+                    &nbsp;|&nbsp;
+                    <a href="./../../studio">
+                        
+                        Apache Directory Studio
+                        
+                    </a>
+                    &nbsp;|&nbsp;
+                    <a href="./../../api">
+                        
+                        <STRONG>Apache LDAP API</STRONG>
+                        
+                    </a>
+                </div><!-- subProjectsNavBar -->
+            </div><!-- header -->
+            <div id="content">
+                <div id="leftColumn">
+                    
+<div id="navigation">
+    
+    <h5>Latest Downloads</h5>
+    <ul>
+	    <li><a href="./../../api/downloads.html">Version 1.0.0-M13</a>&nbsp;&nbsp;<IMG
src="./../../images/new_badge.gif" alt="" style="margin-bottom:-3px;" border="0"></li>
+    </ul>
+    <h5>Getting Started</h5>
+    <ul>
+        <li><a href="./../../api/vision.html">Vision</a></li>
+        <li><a href="./../../api/java-api.html">Java API</a></li>
+        <li><a href="./../../api/groovy-ldap.html">Groovy API</a></li>
+    </ul>
+    <h5>Documentation</h5>
+    <ul>
+	    <li><a href="./../../api/five-minutes-tutorial.html">Five minutes tutorial</a></li>
+	    <li><a href="./../../api/user-guide.html">User Guide</a></li>
+        <li><a href="./../../api/gen-docs/latest/apidocs/">JavaDocs</a></li>
+        <!--li><a href="./../../api/gen-docs/latest/">Generated Reports</a></li-->
+        <li><a href="./../../api/developer-guide.html">Developer Guide</a></li>
+    </ul>
+    
+    
+    <h5>Support</h5>
+    <ul>
+        <li><a href="./../../mailing-lists-and-irc.html">Mailing Lists &amp;
IRC</a></li>
+        <li><a href="./../../sources.html">Sources</a></li>
+        <li><a href="./../../issue-tracking.html">Issue Tracking</a></li>
+        <li><a href="./../../commercial-support.html">Commercial Support</a></li>
+    </ul>
+    <h5>Community</h5>
+    <ul>
+        <li><a href="./../../contribute.html">How to Contribute</a></li>
+        <li><a href="./../../team.html">Team</a></li>
+        <li><a href="./../../original-project-proposal.html">Original Project
Proposal</a></li>
+        <li><a href="./../../special-thanks.html" class="external-link" rel="nofollow">Special
Thanks</a></li>
+    </ul>
+    <h5>About Apache</h5>
+    <ul>
+        <li><a href="http://www.apache.org/">Apache</a></li>
+        <li><a href="http://www.apache.org/licenses/">License</a></li>
+        <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+        <li><a href="http://www.apache.org/foundation/thanks.html">Thanks</a></li>
+        <li><a href="http://www.apache.org/security/">Security</a></li>
+    </ul>
+    
+</div><!-- navigation -->
+
+                </div><!-- leftColumn -->
+                <div id="rightColumn">
+
+
+    <div class="nav">
+        <div class="nav_prev">
+        
+            <a href="2-basic-ldap-api-usage.html">2 - Basic LDAP API usage</a>
+		
+        </div>
+        <div class="nav_up">
+        
+            <a href="2-basic-ldap-api-usage.html">2 - Basic LDAP API usage</a>
+		
+        </div>
+        <div class="nav_next">
+        
+            <a href="2.2-binding-unbinding.html">2.2 - Binding and unbinding</a>
+		
+        </div>
+        <div class="clearfix"></div>
+    </div>
+
+
+<h1 id="21-connection-and-disconnection">2.1 - Connection and disconnection</h1>
+<p><strong>LDAP</strong> is a protocol which requires the user to be connected
- and eventually identified - in order to be able to send requests to the server. We maintain
this connection potentially forever. What make the <strong>LDAP</strong> protocol
different from, say, the <em>HTTP</em> protocol is that the connection must be
issued explicitly. Let's see how we do that.</p>
+<h2 id="opening-a-connection">Opening a connection</h2>
+<p>We can open a secure or a standard connection. </p>
+<h3 id="standard-connection">Standard connection</h3>
+<p>We can first establish a standard connection, where the data are sent and received
in clear text (encoded in ASN.1 BER, but still not encrypted). This example expose the way
it's done :</p>
+<div class="codehilite"><pre><span class="n">LdapConnection</span>
<span class="n">connection</span> <span class="o">=</span> <span
class="k">new</span> <span class="n">LdapNetworkConnection</span><span
class="o">(</span> <span class="s">&quot;localhost&quot;</span><span
class="o">,</span> <span class="mi">389</span> <span class="o">);</span>
+</pre></div>
+
+
+<p>Here, we just created an unsafe connection locally, using the 389 port. Quite simple...</p>
+<h3 id="secure-connection">Secure connection</h3>
+<p>Although the <strong>LDAPS</strong> (<strong>LDAP</strong>
over <strong>SSL</strong>) is now considered as deprecated, many people continue
to use it. The big advantage of not using <strong>LDAPS</strong> is that you don't
need to setup two different listening ports (one for <strong>LDAP</strong> -389-
and another one for <strong>LDAPS</strong> -636- ).</p>
+<p>The only difference with the previous example is that we have to tell the connection
that it has to use <strong>SSL</strong>, by passing <strong><em>true</em></strong>
as a third parameter (incidentally, passing <strong><em>false</em></strong>
set a unsafe connection).</p>
+<p>Here is an example</p>
+<div class="codehilite"><pre><span class="n">LdapConnection</span>
<span class="n">connection</span> <span class="o">=</span> <span
class="k">new</span> <span class="n">LdapNetworkConnection</span><span
class="o">(</span> <span class="s">&quot;localhost&quot;</span><span
class="o">,</span> <span class="mi">636</span><span class="o">,</span>
<span class="kc">true</span> <span class="o">);</span>
+</pre></div>
+
+
+<p>h2. Maintaining the connection opened</p>
+<p>We keep the connection opened for a limited period of time, defaulting to 30 seconds.
This might be not long enough, so one can change this delay by calling the <em>setTimeOut()</em>
method :</p>
+<div class="codehilite"><pre><span class="n">LdapConnection</span>
<span class="n">connection</span> <span class="o">=</span> <span
class="k">new</span> <span class="n">LdapNetworkConnection</span><span
class="o">(</span> <span class="s">&quot;localhost&quot;</span><span
class="o">,</span> <span class="mi">389</span> <span class="o">);</span>
+<span class="n">connection</span><span class="o">.</span><span
class="na">setTimeOut</span><span class="o">(</span> <span class="mi">0</span>
<span class="o">);</span>
+<span class="o">...</span>
+<span class="n">connection</span><span class="o">.</span><span
class="na">close</span><span class="o">();</span>
+</pre></div>
+
+
+<blockquote>
+<p><strong>Note:</strong> Setting a value equal or below 0 will keep the
connection opened for ever (or a soon as the connection is not explicitly closed).</p>
+</blockquote>
+<h2 id="closing-the-connection">Closing the connection</h2>
+<p>Once you don't need to use the connection anymore (remember that hodling a connection
keeps a session opened on the server, and a socket opened between the client and the server),
then you have to close it. This is done by calling the <em>close()</em> method
:</p>
+<div class="codehilite"><pre><span class="n">LdapConnection</span>
<span class="n">connection</span> <span class="o">=</span> <span
class="k">new</span> <span class="n">LdapNetworkConnection</span><span
class="o">(</span> <span class="s">&quot;localhost&quot;</span><span
class="o">,</span> <span class="mi">389</span> <span class="o">);</span>
+<span class="o">...</span>
+<span class="n">connection</span><span class="o">.</span><span
class="na">close</span><span class="o">();</span>
+</pre></div>
+
+
+    <div class="nav">
+        <div class="nav_prev">
+        
+            <a href="2-basic-ldap-api-usage.html">2 - Basic LDAP API usage</a>
+		
+        </div>
+        <div class="nav_up">
+        
+            <a href="2-basic-ldap-api-usage.html">2 - Basic LDAP API usage</a>
+		
+        </div>
+        <div class="nav_next">
+        
+            <a href="2.2-binding-unbinding.html">2.2 - Binding and unbinding</a>
+		
+        </div>
+        <div class="clearfix"></div>
+    </div>
+
+
+                </div><!-- rightColumn -->
+                <div id="endContent"></div>
+            </div><!-- content -->
+            <div id="footer">&copy; 2003-2012, <a href="http://www.apache.org">The
Apache Software Foundation</a> - <a href="./../../privacy-policy.html">Privacy
Policy</a><br />
+                Apache Directory, ApacheDS, Apache Directory Server, Apache Directory Studio,
Apache LDAP API, Apache Triplesec, Triplesec, Apache, the Apache feather logo, and the Apache
Directory project logos are trademarks of The Apache Software Foundation.
+            </div>
+        </div><!-- container -->
+    </body>
+</html>
\ No newline at end of file

Added: websites/staging/directory/trunk/content/api/user-guide/2.2-binding-unbinding.html
==============================================================================
--- websites/staging/directory/trunk/content/api/user-guide/2.2-binding-unbinding.html (added)
+++ websites/staging/directory/trunk/content/api/user-guide/2.2-binding-unbinding.html Tue
Dec  4 15:31:43 2012
@@ -0,0 +1,252 @@
+<!DOCTYPE html>
+<!--
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+<html>
+	<head>
+		<title>2.2 - Binding and unbinding &mdash; Apache Directory</title>
+		
+	    <link href="./../../css/common.css" rel="stylesheet" type="text/css">
+	    <link href="./../../css/brown.css" rel="stylesheet" type="text/css">
+    
+	</head>
+	<body>
+	    <div id="container">
+            <div id="header">
+                <div id="subProjectsNavBar">
+                    <a href="./../../">
+                        
+                        Apache Directory Project
+                        
+                    </a>
+                    &nbsp;|&nbsp;
+                    <a href="./../../apacheds">
+                        
+                        ApacheDS
+                        
+                    </a>
+                    &nbsp;|&nbsp;
+                    <a href="./../../studio">
+                        
+                        Apache Directory Studio
+                        
+                    </a>
+                    &nbsp;|&nbsp;
+                    <a href="./../../api">
+                        
+                        <STRONG>Apache LDAP API</STRONG>
+                        
+                    </a>
+                </div><!-- subProjectsNavBar -->
+            </div><!-- header -->
+            <div id="content">
+                <div id="leftColumn">
+                    
+<div id="navigation">
+    
+    <h5>Latest Downloads</h5>
+    <ul>
+	    <li><a href="./../../api/downloads.html">Version 1.0.0-M13</a>&nbsp;&nbsp;<IMG
src="./../../images/new_badge.gif" alt="" style="margin-bottom:-3px;" border="0"></li>
+    </ul>
+    <h5>Getting Started</h5>
+    <ul>
+        <li><a href="./../../api/vision.html">Vision</a></li>
+        <li><a href="./../../api/java-api.html">Java API</a></li>
+        <li><a href="./../../api/groovy-ldap.html">Groovy API</a></li>
+    </ul>
+    <h5>Documentation</h5>
+    <ul>
+	    <li><a href="./../../api/five-minutes-tutorial.html">Five minutes tutorial</a></li>
+	    <li><a href="./../../api/user-guide.html">User Guide</a></li>
+        <li><a href="./../../api/gen-docs/latest/apidocs/">JavaDocs</a></li>
+        <!--li><a href="./../../api/gen-docs/latest/">Generated Reports</a></li-->
+        <li><a href="./../../api/developer-guide.html">Developer Guide</a></li>
+    </ul>
+    
+    
+    <h5>Support</h5>
+    <ul>
+        <li><a href="./../../mailing-lists-and-irc.html">Mailing Lists &amp;
IRC</a></li>
+        <li><a href="./../../sources.html">Sources</a></li>
+        <li><a href="./../../issue-tracking.html">Issue Tracking</a></li>
+        <li><a href="./../../commercial-support.html">Commercial Support</a></li>
+    </ul>
+    <h5>Community</h5>
+    <ul>
+        <li><a href="./../../contribute.html">How to Contribute</a></li>
+        <li><a href="./../../team.html">Team</a></li>
+        <li><a href="./../../original-project-proposal.html">Original Project
Proposal</a></li>
+        <li><a href="./../../special-thanks.html" class="external-link" rel="nofollow">Special
Thanks</a></li>
+    </ul>
+    <h5>About Apache</h5>
+    <ul>
+        <li><a href="http://www.apache.org/">Apache</a></li>
+        <li><a href="http://www.apache.org/licenses/">License</a></li>
+        <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+        <li><a href="http://www.apache.org/foundation/thanks.html">Thanks</a></li>
+        <li><a href="http://www.apache.org/security/">Security</a></li>
+    </ul>
+    
+</div><!-- navigation -->
+
+                </div><!-- leftColumn -->
+                <div id="rightColumn">
+
+
+    <div class="nav">
+        <div class="nav_prev">
+        
+            <a href="2.1-connection-disconnection.html">2.1 - Connection and disconnection</a>
+		
+        </div>
+        <div class="nav_up">
+        
+            <a href="2-basic-ldap-api-usage.html">2 - Basic LDAP API usage</a>
+		
+        </div>
+        <div class="nav_next">
+        
+            <a href="2.3-searching.html">2.3 Searching</a>
+		
+        </div>
+        <div class="clearfix"></div>
+    </div>
+
+
+<h1 id="22-binding-and-unbinding">2.2 - Binding and unbinding (...)</h1>
+<p>In <strong>LDAP</strong>, if one wants to access the data in the base,
the common way to do it is to bind on the server. However, it's important to understand that
binding is a different beast than connection.</p>
+<p>Creating a connection to a <strong>LDAP</strong> server is just about
opening a socket between the client and the server. You just need to provide the address and
the port. </p>
+<p>The <strong>bind</strong> operation, on the other hand, create a <em>Session</em>
which will hold some user's information for the time being of the session. Those information
are quite limited, they include the user's credentials.</p>
+<p>But it's important to know that it's possible to bind as anonymous, providing no
name and password, and still be able to request the server (note though that the server can
forbid such anonymous bind).</p>
+<p>Once the user has finished to request the server, then he can unbind, destroying
his session on the server. That does not close the connection, because, one more time, <em>bind
!= connection</em>.</p>
+<h2 id="binding">Binding</h2>
+<p>You have two possible types of binds in <em>LDAP</em> :</p>
+<ul>
+<li><strong>Simple</strong></li>
+<li><strong>SASL</strong></li>
+</ul>
+<p>The first one is based on a user/password being send to the server, which check
that they are valid. It's also possible to proceed an Anonymous bind explicitly.</p>
+<p>The second one is more complex, and is used if you want to proceed an authentication
with some specific mechanism, like <strong>DIGEST-MD5</strong>, <strong>Kerberos</strong>
or certificate based.</p>
+<h3 id="simple-bind">Simple Bind</h3>
+<p>One can issue three kind of Simple bind :
+<em> <em>anonymous bind</em></em> <em>name/password bind</em>
+* <em>unauthenticated authentication bind</em></p>
+<p>The first one is the easiest one, but depending on the server configuration, it
will be accepted or rejected (all the servers don't allow anonymous binds)</p>
+<p>Issuing an anonymous bind is very simple, you just provide no user name nor any
password :</p>
+<div class="codehilite"><pre><span class="nd">@Test</span>
+<span class="kd">public</span> <span class="kt">void</span> <span
class="nf">testAnonymousBindRequest</span><span class="o">()</span> <span
class="kd">throws</span> <span class="n">Exception</span>
+<span class="o">{</span>
+    <span class="n">BindResponse</span> <span class="n">bindResponse</span>
<span class="o">=</span> <span class="n">connection</span><span
class="o">.</span><span class="na">bind</span><span class="o">();</span>
+
+    <span class="n">assertNotNull</span><span class="o">(</span>
<span class="n">bindResponse</span> <span class="o">);</span>
+    <span class="n">assertEquals</span><span class="o">(</span> <span
class="n">ResultCodeEnum</span><span class="o">.</span><span class="na">SUCCESS</span><span
class="o">,</span> <span class="n">bindResponse</span><span class="o">.</span><span
class="na">getLdapResult</span><span class="o">().</span><span class="na">getResultCode</span><span
class="o">()</span> <span class="o">);</span>
+    <span class="n">assertTrue</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isAuthenticated</span><span
class="o">()</span> <span class="o">);</span>
+<span class="o">}</span>
+</pre></div>
+
+
+<p>Issuing a user/password bind is just slightly more complex, you just have to provide
your user name and its password :</p>
+<div class="codehilite"><pre><span class="nd">@Test</span>
+<span class="kd">public</span> <span class="kt">void</span> <span
class="nf">testSimpleBindRequest</span><span class="o">()</span> <span
class="kd">throws</span> <span class="n">Exception</span>
+<span class="o">{</span>
+    <span class="n">BindResponse</span> <span class="n">bindResponse</span>
<span class="o">=</span> <span class="n">connection</span><span
class="o">.</span><span class="na">bind</span><span class="o">(</span>
<span class="s">&quot;uid=admin,ou=system&quot;</span><span class="o">,</span>
<span class="s">&quot;secret&quot;</span> <span class="o">);</span>
+
+    <span class="n">assertNotNull</span><span class="o">(</span>
<span class="n">bindResponse</span> <span class="o">);</span>
+    <span class="n">assertEquals</span><span class="o">(</span> <span
class="n">ResultCodeEnum</span><span class="o">.</span><span class="na">SUCCESS</span><span
class="o">,</span> <span class="n">bindResponse</span><span class="o">.</span><span
class="na">getLdapResult</span><span class="o">().</span><span class="na">getResultCode</span><span
class="o">()</span> <span class="o">);</span>
+    <span class="n">assertTrue</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isAuthenticated</span><span
class="o">()</span> <span class="o">);</span>
+<span class="o">}</span>
+</pre></div>
+
+
+<blockquote>
+<p><strong>Note</strong> It's important to note that the user's name is
a <em><a href="6.9-dn.html">Dn</a></em>, not a simple name like 'John
doe"</p>
+</blockquote>
+<p>Last, not least, there is a quite unknown feature in <strong>LDAP</strong>
bind that allows you to issue a Bind request without providing a password. It's equivalent
to an anonymous bind, except that the server can log the user's name, thus being able to trace
what the user does. Servers might forbid such bind, and this will be the case if the server
disallow anonymous binds.</p>
+<p>Note that this kind of bind will be supported only if the server allows anonymous
binds. It's not supported by <em>ApacheDS</em>.</p>
+<div class="codehilite"><pre><span class="nd">@Test</span>
+<span class="kd">public</span> <span class="kt">void</span> <span
class="nf">testSimpleBindRequest</span><span class="o">()</span> <span
class="kd">throws</span> <span class="n">Exception</span>
+<span class="o">{</span>
+
+    <span class="n">BindResponse</span> <span class="n">bindResponse</span>
<span class="o">=</span> <span class="n">connection</span><span
class="o">.</span><span class="na">bind</span><span class="o">(</span>
<span class="s">&quot;uid=admin,ou=system&quot;</span> <span class="o">);</span>
+
+    <span class="n">assertNotNull</span><span class="o">(</span>
<span class="n">bindResponse</span> <span class="o">);</span>
+    <span class="n">assertEquals</span><span class="o">(</span> <span
class="n">ResultCodeEnum</span><span class="o">.</span><span class="na">SUCCESS</span><span
class="o">,</span> <span class="n">bindResponse</span><span class="o">.</span><span
class="na">getLdapResult</span><span class="o">().</span><span class="na">getResultCode</span><span
class="o">()</span> <span class="o">);</span>
+    <span class="n">assertFalse</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isAuthenticated</span><span
class="o">()</span> <span class="o">);</span>
+<span class="o">}</span>
+</pre></div>
+
+
+<h3 id="sasl-bind">SASL Bind</h3>
+<p>TO BE COMPLETED</p>
+<h3 id="unbinding">Unbinding</h3>
+<p>This is a trivial operation : you just send an <strong>UnbindRequest</strong>
to the server, which will invalidate your session. </p>
+<p>It's important to know that when you issue an <strong>Unbind</strong>,
the connection is dropped. However, if you immediately try another bind, the <strong>API</strong>
will open the connection again, using the information provided when the connection has been
created. You can then do such a thing :</p>
+<div class="codehilite"><pre><span class="nd">@Test</span>
+<span class="kd">public</span> <span class="kt">void</span> <span
class="nf">testDoubleSimpleBindValid</span><span class="o">()</span>
<span class="kd">throws</span> <span class="n">Exception</span>
+<span class="o">{</span>
+    <span class="n">BindResponse</span> <span class="n">response</span>
<span class="o">=</span> <span class="n">connection</span><span
class="o">.</span><span class="na">bind</span><span class="o">(</span>
<span class="s">&quot;uid=admin,ou=system&quot;</span><span class="o">,</span>
<span class="s">&quot;secret&quot;</span> <span class="o">);</span>
+    <span class="n">assertEquals</span><span class="o">(</span> <span
class="n">ResultCodeEnum</span><span class="o">.</span><span class="na">SUCCESS</span><span
class="o">,</span> <span class="n">response</span><span class="o">.</span><span
class="na">getLdapResult</span><span class="o">().</span><span class="na">getResultCode</span><span
class="o">()</span> <span class="o">);</span>
+    <span class="n">assertTrue</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isConnected</span><span
class="o">()</span> <span class="o">);</span>
+    <span class="n">assertTrue</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isAuthenticated</span><span
class="o">()</span> <span class="o">);</span>
+
+    <span class="c1">// Now, unbind</span>
+    <span class="n">connection</span><span class="o">.</span><span
class="na">unBind</span><span class="o">();</span>
+    <span class="n">assertFalse</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isConnected</span><span
class="o">()</span> <span class="o">);</span>
+    <span class="n">assertFalse</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isAuthenticated</span><span
class="o">()</span> <span class="o">);</span>
+
+    <span class="c1">// And Bind again.</span>
+    <span class="n">response</span> <span class="o">=</span> <span
class="n">connection</span><span class="o">.</span><span class="na">bind</span><span
class="o">(</span> <span class="s">&quot;uid=admin,ou=system&quot;</span><span
class="o">,</span> <span class="s">&quot;secret&quot;</span>
<span class="o">);</span>
+    <span class="n">LdapResult</span> <span class="n">ldapResult3</span>
<span class="o">=</span> <span class="n">response3</span><span
class="o">.</span><span class="na">getLdapResult</span><span class="o">();</span>
+    <span class="n">assertEquals</span><span class="o">(</span> <span
class="n">ResultCodeEnum</span><span class="o">.</span><span class="na">SUCCESS</span><span
class="o">,</span> <span class="n">response</span><span class="o">.</span><span
class="na">getLdapResult</span><span class="o">.</span><span class="na">getResultCode</span><span
class="o">()</span> <span class="o">);</span>
+    <span class="n">assertTrue</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isConnected</span><span
class="o">()</span> <span class="o">);</span>
+    <span class="n">assertTrue</span><span class="o">(</span> <span
class="n">connection</span><span class="o">.</span><span class="na">isAuthenticated</span><span
class="o">()</span> <span class="o">);</span>
+<span class="o">}</span>
+</pre></div>
+
+
+<p>If you issue a <em>bind</em> on the same connection with some different
credentials, then the existing session will be terminated on the server, and a new one will
be created. All the pending requests for the initial session will be lost.</p>
+<p>Last, not least, if you close the connection, then the session will also be terminated.</p>
+
+
+    <div class="nav">
+        <div class="nav_prev">
+        
+            <a href="2.1-connection-disconnection.html">2.1 - Connection and disconnection</a>
+		
+        </div>
+        <div class="nav_up">
+        
+            <a href="2-basic-ldap-api-usage.html">2 - Basic LDAP API usage</a>
+		
+        </div>
+        <div class="nav_next">
+        
+            <a href="2.3-searching.html">2.3 Searching</a>
+		
+        </div>
+        <div class="clearfix"></div>
+    </div>
+
+
+                </div><!-- rightColumn -->
+                <div id="endContent"></div>
+            </div><!-- content -->
+            <div id="footer">&copy; 2003-2012, <a href="http://www.apache.org">The
Apache Software Foundation</a> - <a href="./../../privacy-policy.html">Privacy
Policy</a><br />
+                Apache Directory, ApacheDS, Apache Directory Server, Apache Directory Studio,
Apache LDAP API, Apache Triplesec, Triplesec, Apache, the Apache feather logo, and the Apache
Directory project logos are trademarks of The Apache Software Foundation.
+            </div>
+        </div><!-- container -->
+    </body>
+</html>
\ No newline at end of file



Mime
View raw message