Hi Stefan,

Yeah Groovy is cool stuff and would be great for LDAP scripts if there was a good JNDI
binding for Groovy.  I spoke to James Strachan a while back about adding support to
Groovy for LDAP.  If I can remember correctly (many beers went down that evening :)) he
recommended adding a binding to Groovy for JNDI.  This binding can prevent some of
the issues you're encountering with some syntactic sugar so you can avoid constructs
like " tori.attrs.cn".

Perhaps we can look into this.  I sure would like to see Groovy scripts used for SPs and
for testing since it can lead to cleaner and more succinct code.  However I think we need
to add this binding.  If you like I can ask James to comment on how best we can do this.

Also I'm +1 on bringing about a subproject for this via a sandboxed effort. 

<OT>
I've had some correspondence with a few of the Spring LDAP guys here in Sweden
and I'd like to see if they would be interested in working with us.  This Groovy effort
is kind of similar in nature to what they have done in that it could result in removing
the need to explicitly add much of the repetitive glue code needed to access LDAP
data.
</OT>

Regards,
Alex

On 6/16/07, Stefan Zoerner <szoerner@apache.org> wrote:
Hi all!

I did some research about accessing LDAP from Groovy, in order to create
some simple scripts. Has anybody tried this out already?

Anyway, this is what I got so far: It is possible to use both JNDI and
libraries like Netscape or Novell SDK from Groovy (you can basically use
any Java library in Groovy scripts).

But these approaches have disadvantages. Netscape SDK is plain LDAP, so
the scripts look like one familiar to LDAP would expect. But the API is
not connected very well to the Collection API, so sometimes it is not
easy to use the result from Groovy. And you have a non-standard
dependency. JNDI on the other hand is easier to use (exists in every
VM), but the scripts look *horrible*, because of the LDAP abstraction
JNDI does. For instance you have to type "entry.nameInNamespace" instead
of "entry.DN" (Netscape). Igitt.

It seems that there does no special solution/library for Groovy and LDAP
exist. So I started to create a little prototype (!). Basically, it is a
wrapper which uses JNDI (in order to omit the dependency to a
non-standard library) under the hood, but looks like LDAP from the
outside (script).

The following as an example how a script which uses it looks like:

---

import org.apache.directory.groovyldap.*

con = new LDAPConnection(hostname: 'zanzibar', port: 10389)
con.connect('uid=admin,ou=system', 'secret');
// anonymous bind:
// con.connect()

// Simple entry lookup via dn
tori = con.read('cn=Tori Amos,dc=example,dc=com')
println "DN: ${tori.dn}"
println "Common name: ${tori.attrs.cn }"
println "Object classes: ${tori.attrs.objectclass}"
println ""

// search op
results = con.search('dc=example,dc=com', SearchScope.ONE,
'(objectClass=*)')
for (result in results) {
   entry = result.object
   println entry.attrs.cn
}

con.disconnect()

---

output, if run by Groovy interpreter:

DN: cn=Tori Amos,dc=example,dc=com
Common name: Tori Amos
Object classes: ["person", "organizationalPerson", "inetOrgPerson", "top"]

Tori Amos
Kate Bush

---

But there still some design decision. For instance, I would prefer
writting "tori.cn" instead of "tori.attrs.cn", but my current solution
with does work like this yet (it is feasible).

Anyway. Should I sandbox my little prototype, create a cwiki page about
how to use it, and wait and see whether other Groovy users are
interested in it? Or is it not worth the effort?

If it goes well, it may be a start for a new tiny litle sub-project
("GLDAP", "GroovyLDAP", or whatever) within Directory, which may be
useful for some people.

What do you think about it?

Greetings from Hamburg,
     Stefan