On 14-01-09 01:00 PM, Marvin Addison wrote:
On the other hand, Ldaptive provides some support for this:
http://www.ldaptive.org/docs/guide/authentication/accountstate
I've found most LDAP libraries to be ridiculously overly complex. Ldap is
very simple, and shouldn't be made so complex.
There's hardly anything simple about LDAP. The BER encoding used by
the LDAP protocol is tedious at best and a hot mess at worst. The full
LDAP specification includes a _ton_ of facilities and a comprehensive
library should support most if not all of the spec. Then there's all
the directory-specific functionality and the crazy things folks want
to do with their directories, and any library that wants to support
them will necessarily be complex. Ldaptive is consequently complex.
The ldap bind operation is fairly simple in its commonest form, and if
that's your standard of complexity then no wonder you're put off by
modern LDAP libs. Unfortunately there's a heck of a lot more than
simple binds.
Accessing LDAP Entries, and using them, should not be a pain; that is
what I'm saying. Yes, there are special features of LDAP that libraries
need to implement, and things can get complex. But that doesn't mean
they should be difficult to use.
By the way, I've never used ldaptive, and I wasn't saying anything about
it. But, I've given up on trying to use other people's libraries for
things like ldap, cause they are usually ridiculously more complex than
they need to be, and aren't really using Java's language features. So,
I decided to start developing my own, based on annotations and POJOs.
Unfortunately, I don't do enough LDAP work to invest a lot of time in
finishing it; I usually invest a little bit of my own time, but it's
very little.
However, here's an example of an add operation from ldaptive...
LdapEntry entry = new LdapEntry(
"uid=dfisher,ou=people,dc=ldaptive,dc=org",
new LdapAttribute("uid", "dfisher"),
new LdapAttribute("mail", "dfis...@ldaptive.org"));
Connection conn =
DefaultConnectionFactory.getConnection("ldap://directory.ldaptive.org";);
try {
conn.open();
AddOperation add = new AddOperation(conn);
add.execute(new AddRequest(entry.getDn(), entry.getAttributes()));
} finally {
conn.close();
}
I mean the very idea that you have to add "LdapAttribute" objects with
attribute names, and values, and "LdapEntry" objects, is silly. We're
using Java, so let's use Java...
LPA example...
final ILdapOrganization organization = new LdapOrganization();
organization.setDn(ldapName);
organization.setOrganization("New Organization", 0);
organization.setLocality("Some Town", 0);
organization.setTelephoneNumber("(123) 555-5555", 0);
organization.setStreet("123 Ldap Way", 0);
organization.setPostalCode("A1A 2B2", 0);
manager.bind(organization);
LPA determines how to bind based on the annotations in LdapOrganization,
or any of the classes it derives from. Anyone using those objects has
no need to know how they are stored in LDAP, unless they need to debug.
--
Trenton D. Adams
Senior Systems Analyst/Web Software Developer
Navy Penguins at your service!
Information Technology, Athabasca University
(780) 675-6195
:wq!
--
This communication is intended for the use of the recipient to whom it
is addressed, and may contain confidential, personal, and or privileged
information. Please contact us immediately if you are not the intended
recipient of this communication, and do not copy, distribute, or take
action relying on it. Any communications received in error, or
subsequent reply, should be deleted or destroyed.
---
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
