From dev-return-30404-apmail-directory-dev-archive=directory.apache.org@directory.apache.org Thu May 21 21:59:17 2009 Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 45367 invoked from network); 21 May 2009 21:59:17 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 21 May 2009 21:59:17 -0000 Received: (qmail 80357 invoked by uid 500); 21 May 2009 21:59:30 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 80275 invoked by uid 500); 21 May 2009 21:59:29 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 80267 invoked by uid 99); 21 May 2009 21:59:29 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 May 2009 21:59:29 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of elecharny@gmail.com designates 74.125.78.27 as permitted sender) Received: from [74.125.78.27] (HELO ey-out-2122.google.com) (74.125.78.27) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 May 2009 21:59:18 +0000 Received: by ey-out-2122.google.com with SMTP id 9so360496eyd.31 for ; Thu, 21 May 2009 14:58:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=zRUmhekYbe1cs/JfjmyHOgtCCVo7ldbWv8gx6fOq0UE=; b=pw9XdVU4MzIpRgnI4Rea7rFAuZVj5lj+kq6lYTYoTG3PBOf9cPoFeiAiYNJU+i8KSo pR2OcFwzJBnRgzcj3sHkxF9In6Aa9u+bDhpc1SN5Mbywf5x31qOApzYaMWCNEhXsavsy IcZl2ZzHu6EeC6aXkrnaH7xDPpFT+px5XF0EM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; b=ePZ6nrEwQ2PrcIT3bf4eSS6qKwRzURBaP9fQ27VNjj7CI34kTN5/DFLOMphsGayqJf 5mMZodZ/iv0YDLYEFBrfJkx27rlcEHlqt+OJeyRc/4kpjpKX4jqK52yCZAbf7Cyum4O2 NSuWP8NQzo4x+GRiDjPYP5E2/0yG9S+M5A5f8= Received: by 10.210.19.7 with SMTP id 7mr31693ebs.93.1242943136736; Thu, 21 May 2009 14:58:56 -0700 (PDT) Received: from ?192.168.0.1? (vol75-3-82-66-216-176.fbx.proxad.net [82.66.216.176]) by mx.google.com with ESMTPS id 28sm5581804eyg.54.2009.05.21.14.58.55 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 21 May 2009 14:58:56 -0700 (PDT) Sender: Emmanuel Lecharny Message-ID: <4A15CEA3.8030001@nextury.com> Date: Thu, 21 May 2009 23:58:59 +0200 From: Emmanuel Lecharny User-Agent: Thunderbird 2.0.0.21 (X11/20090318) MIME-Version: 1.0 To: Apache Directory Developers List Subject: Re: Using a CoreSession in embeded mode to perform a search References: <4A15A356.60203@labeo.de> In-Reply-To: <4A15A356.60203@labeo.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org Stefan Zoerner wrote: > Hi all, Hi Stefan, > > currently I implement an Apache Tomcat Realm which embeds ApacheDS and > uses it for authentication and authorization. The thing already works > and looks quite promising, I will post a first version at weekend on > this list in order to get some feedback. > > During implementation, I tried to avoid JNDI calls and used the > CoreSession interface which I can get from DirectoryService. > > Code (which searches a user entry by uid) goes like this: > > ... > CoreSession adminSession = directoryService.getAdminSession(); > > String base = "ou=system"; > LdapDN basedn = new LdapDN(base); > SearchScope scope = SearchScope.SUBTREE; > MessageFormat f = new MessageFormat( > "(&(objectClass=person)(uid={0}))"); > String sFilter = f.format(new Object[] { username }); > > ExprNode filter = FilterParser.parse(sFilter); > EntryFilteringCursor cursor = adminSession.search(basedn, scope, > filter, AliasDerefMode.NEVER_DEREF_ALIASES, null, 0, 0); > CursorIterator iter = new CursorIterator(cursor); > if (iter.hasNext()) { > ServerEntry entry = (ServerEntry) iter.next(); > dn = entry.getDn(); > } > adminSession.unbind(); > ... > > I am not happy with the use of CursorIterator (especially the cast). > Anybody a better idea how to perform a search and process the results > from an embedded server? You don't have to use a CursorIterator. Once you get a cursor, you can do something like : cursor.beforeFirst(); // To position the cursor at the beginning while (cursor.next() ) { ServerEntry entry = cursor.get(); } No need to cast, and the entry you get is a clone. -- -- cordialement, regards, Emmanuel Lécharny www.iktek.com directory.apache.org