* * Use objects of this class to perform LDAP operations (such as * search, modify, and add) on an LDAP server.
* * To perform an LDAP operation on a server, you need to follow * these steps:
* *
LDAPConnection object.
* connect method to connect to the
* LDAP server.
* authenticate method to authenticate
* to server.
* disconnect method to disconnect from
* the server when done.
* * * All operations block until completion (with the exception of * the search method in which the results may not all return at * the same time). *
*
* This class also specifies a default set of constraints
* (such as the maximum length of time to allow for an operation before timing out)
* which apply to all operations. To get and set these constraints,
* use the getOption and setOption methods.
* To override these constraints for an individual operation,
* define a new set of constraints by creating a LDAPConstraints
* object and pass the object to the method for the operation. For search
* operations, additional constraints are defined in LDAPSearchConstraints
* (a subclass of LDAPConstraints). To override the default search
* constraints, create an LDAPSearchConstraints object and pass it
* to the search method.
*
*
* If you set up your client to follow referrals automatically,
* an operation that results in a referral will create a new connection
* to the LDAP server identified in the referral. In order to have
* your client authenticate to that LDAP server automatically, you need
* to define a class that implements the LDAPAuthHandler interface.
* In your definition of the class, you need to define a
* getAuthProvider method that creates an LDAPAuthProvider
* object containing the distinguished name and password to use for reauthentication.
*
*
* Most errors that occur raise the same exception (LDAPException).
* In order to determine the exact problem that occurred, you can retrieve the
* result code from this exception and compare its value against a set of defined
* result codes.
*
*
* @version 1.0
* @see org.ietf.ldap.LDAPConstraints
* @see org.ietf.ldap.LDAPSearchConstraints
* @see org.ietf.ldap.LDAPAuthHandler
* @see org.ietf.ldap.LDAPAuthProvider
* @see org.ietf.ldap.LDAPException
*/
public class LDAPConnection implements Cloneable, Serializable {
static final long serialVersionUID = -8698420087475771144L;
/**
* Version of the LDAP protocol used by default.
* LDAP_VERSION is 2, so your client will
* attempt to authenticate to LDAP servers as an LDAP v2 client.
* The following is an example of some code that prints the
* value of this variable:
*
* *
* LDAPConnection ld = new LDAPConnection();
* System.out.println( "The default LDAP protocol version used is "
* ld.LDAP_VERSION );
*
*
* If you want to authenticate as an LDAP v3 client,
* use the bind(int version, String dn, byte[] passwd) method.
* For example:
* * *
* ld.bind( 3, myDN, myPW );
*
*
* @see org.ietf.ldap.LDAPConnection#bind(int, java.lang.String, byte[])
*/
public final static int LDAP_VERSION = 2;
/**
* Name of the property specifying the version of the SDK.
*
* To get the version number, pass this name to the
* getProperty method. The SDK version number
* is of the type Float. For example:
*
* ...
* Float sdkVersion = ( Float )myConn.getProperty( myConn.LDAP_PROPERTY_SDK );
* System.out.println( "SDK version: " + sdkVersion );
* ...
* @see org.ietf.ldap.LDAPConnection#getProperty(java.lang.String)
*/
public final static String LDAP_PROPERTY_SDK = "version.sdk";
/**
* Name of the property specifying the highest supported version of
* the LDAP protocol.
*
* To get the version number, pass this name to the
* getProperty method. The LDAP protocol version number
* is of the type Float. For example:
*
* ...
* Float LDAPVersion = ( Float )myConn.getProperty( myConn.LDAP_PROPERTY_PROTOCOL );
* System.out.println( "Highest supported LDAP protocol version: " + LDAPVersion );
* ...
* @see org.ietf.ldap.LDAPConnection#getProperty(java.lang.String)
*/
public final static String LDAP_PROPERTY_PROTOCOL = "version.protocol";
/**
* Name of the property specifying the types of authentication allowed by this
* API (for example, anonymous authentication and simple authentication).
*
* To get the supported types, pass this name to the
* getProperty method. The value of this property is
* of the type String. For example:
*
* ...
* String authTypes = ( String )myConn.getProperty( myConn.LDAP_PROPERTY_SECURITY );
* System.out.println( "Supported authentication types: " + authTypes );
* ...
* @see org.ietf.ldap.LDAPConnection#getProperty(java.lang.String)
*/
public final static String LDAP_PROPERTY_SECURITY = "version.security";
/**
* Name of the property to enable/disable LDAP message trace.
*
* The property can be specified either as a system property
* (java -D command line option), or programmatically with the
* setProperty method.
*
* When -D command line option is used, defining the property with * no value will send the trace output to the standard error. If the * value is defined, it is assumed to be the name of an output file. * If the file name is prefixed with a '+' character, the file is * opened in append mode. *
* When the property is set with the setProperty method,
* the property value must be either a String (represents a file name)
* an OutputStream or an instance of LDAPTraceWriter. To stop tracing,
* null should be passed as the property value.
*
* @see org.ietf.ldap.LDAPConnection#setProperty(java.lang.String, java.lang.Object)
*/
public final static String TRACE_PROPERTY = "com.org.ietf.ldap.trace";
/**
* Specifies the serial connection setup policy when a list of hosts is
* passed to the connect method.
* @see org.ietf.ldap.LDAPConnection#setConnSetupDelay(int)
*/
public final static int NODELAY_SERIAL = -1;
/**
* Specifies the parallel connection setup policy with no delay when a
* list of hosts is passed to the connect method.
* For each host in the list, a separate thread is created to attempt
* to connect to the host. All threads are started simultaneously.
* @see org.ietf.ldap.LDAPConnection#setConnSetupDelay(int)
*/
public final static int NODELAY_PARALLEL = 0;
/**
* Constants
*/
private final static String defaultFilter = "(objectClass=*)";
private final static LDAPConstraints readConstraints = new
LDAPSearchConstraints();
/**
* The default port number for LDAP servers. You can specify
* this identifier when calling the LDAPConnection.connect
* method to connect to an LDAP server.
* @see org.ietf.ldap.LDAPConnection#connect
*/
public final static int DEFAULT_PORT = 389;
/**
* Option specifying how aliases are dereferenced.
*
* * This option can have one of the following values: *
DEREF_NEVER
* DEREF_FINDING
* DEREF_SEARCHING
* DEREF_ALWAYS
* * * @see org.ietf.ldap.LDAPConnection#getOption * @see org.ietf.ldap.LDAPConnection#setOption */ public static final int DEREF = 2; /** * Option specifying the maximum number of search results to * return. *
*
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int SIZELIMIT = 3;
/**
* Option specifying the maximum number of milliseconds to
* wait for an operation to complete.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int TIMELIMIT = 4;
/**
* Option specifying the maximum number of milliseconds the
* server should spend returning search results before aborting
* the search.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int SERVER_TIMELIMIT = 5;
/**
* Option specifying whether or not referrals to other LDAP
* servers are followed automatically.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
* @see org.ietf.ldap.LDAPAuthHandler
* @see org.ietf.ldap.LDAPAuthProvider
*/
public static final int REFERRALS = 8;
/**
* Option specifying the object containing the method for
* getting authentication information (the distinguished name
* and password) used during a referral. For example, when
* referred to another LDAP server, your client uses this object
* to obtain the DN and password. Your client authenticates to
* the LDAP server using this DN and password.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
* @see org.ietf.ldap.LDAPAuthHandler
* @see org.ietf.ldap.LDAPAuthProvider
*/
public static final int REFERRALS_REBIND_PROC = 9;
/**
* Option specifying the maximum number of referrals to follow
* in a sequence when requesting an LDAP operation.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int REFERRALS_HOP_LIMIT = 10;
/**
* Option specifying the object containing the method for
* authenticating to the server.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
* @see org.ietf.ldap.LDAPBindHandler
*/
public static final int BIND = 13;
/**
* Option specifying the version of the LDAP protocol
* used by your client when interacting with the LDAP server.
* If no version is set, the default version is 2. If you
* are planning to use LDAP v3 features (such as controls
* or extended operations), you should set this version to 3
* or specify version 3 as an argument to the authenticate
* method of the LDAPConnection object.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
* @see org.ietf.ldap.LDAPConnection#bind(int, java.lang.String, byte[])
*/
public static final int PROTOCOL_VERSION = 17;
/**
* Option specifying the number of results to return at a time.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int BATCHSIZE = 20;
/*
* Valid options for Scope
*/
/**
* Specifies that the scope of a search includes
* only the base DN (distinguished name).
* @see org.ietf.ldap.LDAPConnection#search(java.lang.String, int, java.lang.String, java.lang.String[], boolean, org.ietf.ldap.LDAPSearchConstraints)
*/
public static final int SCOPE_BASE = 0;
/**
* Specifies that the scope of a search includes
* only the entries one level below the base DN (distinguished name).
* @see org.ietf.ldap.LDAPConnection#search(java.lang.String, int, java.lang.String, java.lang.String[], boolean, org.ietf.ldap.LDAPSearchConstraints) */
public static final int SCOPE_ONE = 1;
/**
* Specifies that the scope of a search includes
* the base DN (distinguished name) and all entries at all levels
* beneath that base.
* @see org.ietf.ldap.LDAPConnection#search(java.lang.String, int, java.lang.String, java.lang.String[], boolean, org.ietf.ldap.LDAPSearchConstraints) */
public static final int SCOPE_SUB = 2;
/*
* Valid options for Dereference
*/
/**
* Specifies that aliases are never dereferenced.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int DEREF_NEVER = 0;
/**
* Specifies that aliases are dereferenced when searching the
* entries beneath the starting point of the search (but
* not when finding the starting entry).
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int DEREF_SEARCHING = 1;
/**
* Specifies that aliases are dereferenced when finding the
* starting point for the search (but not when searching
* under that starting entry).
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int DEREF_FINDING = 2;
/**
* Specifies that aliases are always dereferenced.
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int DEREF_ALWAYS = 3;
/**
* Option specifying server controls for LDAP operations. These
* controls are passed to the LDAP server. They may also be returned by
* the server.
* @see org.ietf.ldap.LDAPControl
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int SERVERCONTROLS = 12;
/**
* Attribute type that you can specify in the LDAPConnection
* search method if you don't want to retrieve any of the
* attribute types for entries found by the search.
* @see org.ietf.ldap.LDAPConnection#search
*/
public static final String NO_ATTRS = "1.1";
/**
* Attribute type that you can specify in the LDAPConnection
* search method if you want to retrieve all attribute types.
* You can use this if you want to retrieve all attributes in
* addition to an operational attribute. For example:
*
* *
* ...
* String [] MY_ATTRS = { LDAPConnection.ALL_USER_ATTRS, "modifiersName",
* "modifyTimestamp" };
* LDAPSearchResults res = ld.search( MY_SEARCHBASE,
* LDAPConnection.SCOPE_SUB, MY_FILTER, MY_ATTRS, false, cons );
* ...
*
* @see org.ietf.ldap.LDAPConnection#search
*/
public static final String ALL_USER_ATTRS = "*";
/**
* Internal variables
*/
private LDAPSearchConstraints _defaultConstraints =
new LDAPSearchConstraints();
// A clone of constraints for the successful bind. Used by
// "smart failover" for the automatic rebind
private LDAPConstraints _rebindConstraints;
private Vector _responseListeners;
private Vector _searchListeners;
private boolean _bound;
private String _prevBoundDN;
private byte[] _prevBoundPasswd;
private String _boundDN;
private byte[] _boundPasswd;
private int _protocolVersion = LDAP_VERSION;
private LDAPConnSetupMgr _connMgr;
private int _connSetupDelay = -1;
private int _connectTimeout = 0;
private LDAPSocketFactory _factory;
/* _thread does all socket i/o for the object and any clones */
private transient LDAPConnThread _thread = null;
/* To manage received server controls on a per-thread basis,
we keep a table of active threads and a table of controls,
indexed by thread */
private Vector _attachedList = new Vector();
private Hashtable _responseControlTable = new Hashtable();
private LDAPCache _cache = null;
static Hashtable _threadConnTable = new Hashtable();
// This handles the case when the client lost the connection to the
// server. After the client reconnects with the server, the bound resets
// to false. If the client used to have anonymous bind, then this boolean
// will take care of the case whether the client should send anonymous bind
// request to the server.
private boolean _anonymousBound = false;
private Object _security = null;
private LDAPSaslBind _saslBinder = null;
private CallbackHandler _saslCallbackHandler = null;
private Properties _securityProperties;
private Hashtable _properties = new Hashtable();
private LDAPConnection _referralConnection;
private String _authMethod = "none";
/**
* Properties
*/
private final static Float SdkVersion = new Float(4.14f);
private final static Float ProtocolVersion = new Float(3.0f);
private final static String SecurityVersion = new String("none,simple,sasl");
private final static Float MajorVersion = new Float(4.0f);
private final static Float MinorVersion = new Float(0.14f);
private final static String DELIM = "#";
private final static String PersistSearchPackageName =
"org.ietf.ldap.controls.LDAPPersistSearchControl";
final static String EXTERNAL_MECHANISM = "external";
private final static String EXTERNAL_MECHANISM_PACKAGE =
"com.netscape.sasl";
final static String DEFAULT_SASL_PACKAGE =
"com.netscape.sasl";
final static String SCHEMA_BUG_PROPERTY =
"com.org.ietf.ldap.schema.quoting";
final static String SASL_PACKAGE_PROPERTY =
"com.org.ietf.ldap.saslpackage";
/**
* Constructs a new LDAPConnection object,
* which represents a connection to an LDAP server.
*
* Calling the constructor does not actually establish
* the connection. To connect to the LDAP server, use the
* connect method.
*
* @see org.ietf.ldap.LDAPConnection#connect(java.lang.String, int)
* @see org.ietf.ldap.LDAPConnection#bind(int, java.lang.String, byte[])
*/
public LDAPConnection() {
super();
_factory = null;
_properties.put(LDAP_PROPERTY_SDK, SdkVersion);
_properties.put(LDAP_PROPERTY_PROTOCOL, ProtocolVersion);
_properties.put(LDAP_PROPERTY_SECURITY, SecurityVersion);
_properties.put("version.major", MajorVersion);
_properties.put("version.minor", MinorVersion);
}
/**
* Constructs a new LDAPConnection object that
* will use the specified socket factory class to create
* socket connections. The socket factory class must implement
* the LDAPSocketFactory interface.
* (For example, the LDAPSSLSocketFactory
* class implements this interface.)
*
*
* Note that calling the LDAPConnection constructor
* does not actually establish a connection to an LDAP server.
* To connect to an LDAP server, use the
* connect method. The socket connection will be
* constructed when this method is called.
*
* * @see org.ietf.ldap.LDAPSocketFactory * @see org.ietf.ldap.LDAPSSLSocketFactory * @see org.ietf.ldap.LDAPConnection#connect(java.lang.String, int) * @see org.ietf.ldap.LDAPConnection#bind(int, java.lang.String, byte[]) * @see org.ietf.ldap.LDAPConnection#getSocketFactory * @see org.ietf.ldap.LDAPConnection#setSocketFactory(org.ietf.ldap.LDAPSocketFactory) */ public LDAPConnection( LDAPSocketFactory factory ) { this(); _factory = factory; } /** * Abandons a current search operation, notifying the server not * to send additional search results. * * @param searchResults the search results returned when the search * was started * @exception LDAPException Failed to notify the LDAP server. * @see org.ietf.ldap.LDAPConnection#search(java.lang.String, int, java.lang.String, java.lang.String[], boolean, org.ietf.ldap.LDAPSearchConstraints) * @see org.ietf.ldap.LDAPSearchResults */ public void abandon( LDAPSearchResults searchResults ) throws LDAPException { abandon( searchResults, _defaultConstraints ); } /** * Abandons a current search operation, notifying the server not * to send additional search results. * * @param searchResults the search results returned when the search * was started * @param cons preferences for the operation * @exception LDAPException Failed to notify the LDAP server. * @see org.ietf.ldap.LDAPConnection#search(java.lang.String, int, java.lang.String, java.lang.String[], boolean, org.ietf.ldap.LDAPSearchConstraints) * @see org.ietf.ldap.LDAPSearchResults */ public void abandon( LDAPSearchResults searchResults, LDAPConstraints cons ) throws LDAPException { if ( (!isConnected()) || (searchResults == null) ) { return; } int id = searchResults.getMessageID(); if ( id != -1 ) { abandon( id ); } } /** * Cancels the ldap request with the specified id and discards * any results already received. * * @param id an LDAP request id * @exception LDAPException Failed to send request. */ public void abandon( int id ) throws LDAPException { abandon( id, _defaultConstraints ); } /** * Cancels the ldap request with the specified id and discards * any results already received. * * @param id an LDAP request id * @param cons preferences for the operation * @exception LDAPException Failed to send request. */ public void abandon( int id, LDAPConstraints cons ) throws LDAPException { if (!isConnected()) { return; } for (int i=0; i<3; i++) { try { /* Tell listener thread to discard results */ _thread.abandon( id ); /* Tell server to stop sending results */ _thread.sendRequest(null, new JDAPAbandonRequest(id), null, _defaultConstraints); /* No response is forthcoming */ break; } catch (NullPointerException ne) { // do nothing } } if (_thread == null) { throw new LDAPException("Failed to send abandon request to the server.", LDAPException.OTHER); } } /** * Cancels all outstanding search requests associated with this * LDAPSearchQueue object and discards any results already received. * * @param searchlistener a search listener returned from a search * @exception LDAPException Failed to send request. */ public void abandon( LDAPSearchQueue searchlistener ) throws LDAPException { abandon( searchlistener, _defaultConstraints ); } /** * Cancels all outstanding search requests associated with this * LDAPSearchQueue object and discards any results already received. * * @param searchlistener a search listener returned from a search * @param cons preferences for the operation * @exception LDAPException Failed to send request. */ public void abandon( LDAPSearchQueue searchlistener, LDAPConstraints cons ) throws LDAPException { int[] ids = searchlistener.getMessageIDs(); for (int i=0; i < ids.length; i++) { searchlistener.removeRequest(ids[i]); abandon(ids[i]); } } /** * Adds an entry to the directory.
*
* Before using this method, you need to create an
* LDAPEntry object and use it to specify the
* distinguished name and attributes of the new entry. Make sure
* to specify values for all required attributes in the
* entry. If all required attributes are not specified and the LDAP server
* checks the entry against the schema, an LDAPException
* may be thrown (where the LDAP result code is
* OBJECT_CLASS_VIOLATION).
*
* For example, the following section of code creates an
* LDAPEntry object for a new entry and uses the object
* to add the new entry to the directory. Because the definition of
* the LDAP inetOrgPerson class specifies that the
* cn, sn, and objectclass
* attributes are required, these attributes are specified as part
* of the new entry. (mail is not required but is shown
* here as an example of specifying additional attributes.)
*
* *
* ...
* String myDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
*
* LDAPAttribute attr1 = new LDAPAttribute( "cn", "Barbara Jensen" );
* LDAPAttribute attr2 = new LDAPAttribute( "sn", "Jensen" );
* LDAPAttribute attr3 = new LDAPAttribute( "objectclass", "top" );
* LDAPAttribute attr4 = new LDAPAttribute( "objectclass", "person" );
* LDAPAttribute attr5 = new LDAPAttribute( "objectclass", "organizationalPerson" );
* LDAPAttribute attr6 = new LDAPAttribute( "objectclass", "inetOrgPerson" );
* LDAPAttribute attr7 = new LDAPAttribute( "mail", "bjensen@aceindustry.com" );
*
* LDAPAttributeSet myAttrs = new LDAPAttributeSet();
* myAttrs.add( attr1 );
* myAttrs.add( attr2 );
* myAttrs.add( attr3 );
* myAttrs.add( attr4 );
* myAttrs.add( attr5 );
* myAttrs.add( attr6 );
* myAttrs.add( attr7 );
*
* LDAPEntry myEntry = new LDAPEntry( myDN, myAttrs );
*
* myConn.add( myEntry );
* ...
*
* @param entry LDAPEntry object specifying the distinguished name and
* attributes of the new entry
* @exception LDAPException Failed to add the specified entry to the
* directory.
* @see org.ietf.ldap.LDAPEntry
*/
public void add( LDAPEntry entry ) throws LDAPException {
add(entry, _defaultConstraints);
}
/**
* Adds an entry to the directory and allows you to specify preferences
* for this LDAP add operation by using an
* LDAPConstraints object. For
* example, you can specify whether or not to follow referrals.
* You can also apply LDAP v3 controls to the operation.
*
*
* @param entry LDAPEntry object specifying the distinguished name and
* attributes of the new entry
* @param cons the set of preferences to apply to this operation
* @exception LDAPException Failed to add the specified entry to the
* directory.
* @see org.ietf.ldap.LDAPEntry
* @see org.ietf.ldap.LDAPConstraints
*/
public void add( LDAPEntry entry, LDAPConstraints cons )
throws LDAPException {
internalBind (cons);
LDAPResponseQueue myListener = getResponseListener ();
LDAPAttributeSet attrs = entry.getAttributeSet ();
LDAPAttribute[] attrList = new LDAPAttribute[attrs.size()];
Iterator it = attrs.iterator();
for( int i = 0; i < attrs.size(); i++ ) {
attrList[i] = (LDAPAttribute)it.next();
}
int attrPosition = 0;
LDAPMessage response;
try {
sendRequest (new JDAPAddRequest (entry.getDN(), attrList),
myListener, cons);
response = myListener.getResponse();
checkMsg (response);
} catch (LDAPReferralException e) {
performReferrals(e, cons, JDAPProtocolOp.ADD_REQUEST,
null, 0, null, null, false, null, entry, null, null);
} finally {
releaseResponseListener (myListener);
}
}
/**
* Adds an entry to the directory.
*
* @param entry LDAPEntry object specifying the distinguished name and
* attributes of the new entry
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons constraints specific to the operation
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPEntry
* @see org.ietf.ldap.LDAPResponseQueue
*/
public LDAPResponseQueue add( LDAPEntry entry,
LDAPResponseQueue listener )
throws LDAPException{
return add( entry, listener, _defaultConstraints );
}
/**
* Adds an entry to the directory and allows you to specify constraints
* for this LDAP add operation by using an LDAPConstraints
* object. For example, you can specify whether or not to follow referrals.
* You can also apply LDAP v3 controls to the operation.
*
* * @param entry LDAPEntry object specifying the distinguished name and * attributes of the new entry * @param listener handler for messages returned from a server in response * to this request. If it is null, a listener object is created internally. * @param cons constraints specific to the operation * @return LDAPResponseQueue handler for messages returned from a server * in response to this request * @exception LDAPException Failed to send request. * @see org.ietf.ldap.LDAPEntry * @see org.ietf.ldap.LDAPResponseQueue * @see org.ietf.ldap.LDAPConstraints */ public LDAPResponseQueue add( LDAPEntry entry, LDAPResponseQueue listener, LDAPConstraints cons ) throws LDAPException{ if (cons == null) { cons = _defaultConstraints; } internalBind (cons); if (listener == null) { listener = new LDAPResponseQueue(/*asynchOp=*/true); } LDAPAttributeSet attrs = entry.getAttributeSet (); LDAPAttribute[] attrList = new LDAPAttribute[attrs.size()]; Iterator it = attrs.iterator(); for( int i = 0; i < attrs.size(); i++ ) { attrList[i] = (LDAPAttribute)it.next(); } int attrPosition = 0; sendRequest (new JDAPAddRequest (entry.getDN(), attrList), listener, cons); return listener; } /** * Registers an object to be notified on arrival of an unsolicited * message from a server * * @param listener An object to be notified on arrival of an * unsolicited message from a server */ public void addUnsolicitedNotificationListener( LDAPUnsolicitedNotificationListener listener ) { } /** * Authenticates to the LDAP server (to which you are currently * connected) using the specified name and password. * If you are not already connected to the LDAP server, this * method attempts to reconnect to the server. *
* * For example, the following section of code authenticates the * client as Barbara Jensen. The code assumes that the client * has already established a connection with an LDAP server. *
* *
* String myDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* String myPW = "hifalutin";
* try {
* myConn.bind( myDN, myPW.getBytes() );
* } catch ( LDAPException e ) {
* switch( e.getResultCode() ) {
* case e.NO_SUCH_OBJECT:
* System.out.println( "The specified user does not exist." );
* break;
* case e.INVALID_CREDENTIALS:
* System.out.println( "Invalid password." );
* break;
* default:
* System.out.println( "Error number: " + e.getResultCode() );
* System.out.println( "Failed to authentice as " + myDN );
* break;
* }
* return;
* }
* System.out.println( "Authenticated as " + myDN );
*
*
* @param dn distinguished name used for authentication
* @param passwd password used for authentication
* @exception LDAPException Failed to authenticate to the LDAP server.
*/
private void bind( String dn, byte[] passwd) throws LDAPException {
bind( _protocolVersion, dn, passwd, _defaultConstraints );
}
/**
* Authenticates to the LDAP server (to which you are currently
* connected) using the specified name and password. The
* default protocol version (version 2) is used. If the server
* doesn't support the default version, an LDAPException is thrown
* with the error code PROTOCOL_ERROR. This method allows the
* user to specify the preferences for the bind operation.
*
* @param dn distinguished name used for authentication
* @param passwd password used for authentication
* @param cons preferences for the bind operation
* @exception LDAPException Failed to authenticate to the LDAP server.
*/
private void bind( String dn, byte[] passwd,
LDAPConstraints cons ) throws LDAPException {
bind( _protocolVersion, dn, passwd, cons );
}
/**
* Authenticates to the LDAP server (to which you are currently
* connected) using the specified name and password, and
* requests that the server use at least the specified
* protocol version. If the server doesn't support that
* level, an LDAPException is thrown with the error code
* PROTOCOL_ERROR.
*
* @param version required LDAP protocol version
* @param dn distinguished name used for authentication
* @param passwd password used for authentication
* @exception LDAPException Failed to authenticate to the LDAP server.
*/
public void bind( int version, String dn, byte[] passwd )
throws LDAPException {
bind( version, dn, passwd, _defaultConstraints );
}
/**
* Authenticates to the LDAP server (to which you are currently
* connected) using the specified name and password, and
* requesting that the server use at least the specified
* protocol version. If the server doesn't support that
* level, an LDAPException is thrown with the error code
* PROTOCOL_ERROR. This method allows the user to specify the
* preferences for the bind operation.
*
* @param version required LDAP protocol version
* @param dn distinguished name used for authentication
* @param passwd password used for authentication
* @param cons preferences for the bind operation
* @exception LDAPException Failed to authenticate to the LDAP server.
*/
public void bind( int version, String dn, byte[] passwd,
LDAPConstraints cons ) throws LDAPException {
_prevBoundDN = _boundDN;
_prevBoundPasswd = _boundPasswd;
_boundDN = dn;
_boundPasswd = passwd;
_anonymousBound =
((_prevBoundDN == null) || (_prevBoundPasswd == null));
internalBind (version, true, cons);
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and whatever SASL mechanisms
* are supported by the server. Each supported mechanism in turn
* is tried until authentication succeeds or an exception is thrown.
* If the object has been disconnected from an LDAP server, this
* method attempts to reconnect to the server. If the object had
* already authenticated, the old authentication is discarded.
*
* @param dn if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name
* @param authzid If not null and not empty, an LDAP authzID [AUTH]
* to be passed to the SASL layer. If null or empty,
* the authzId will be treated as an empty string
* and processed as per RFC 2222 [SASL].
* @param props Optional qualifiers for the authentication session
* @param cbh a class which the SASL framework can call to
* obtain additional required information
* @exception LDAPException Failed to authenticate to the LDAP server.
*/
public void bind( String dn,
String authzid,
Map props,
CallbackHandler cbh )
throws LDAPException {
bind( dn, authzid, props, cbh, _defaultConstraints );
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and whatever SASL mechanisms
* are supported by the server. Each supported mechanism in turn
* is tried until authentication succeeds or an exception is thrown.
* If the object has been disconnected from an LDAP server, this
* method attempts to reconnect to the server. If the object had
* already authenticated, the old authentication is discarded.
*
* @param dn if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name
* @param authzid If not null and not empty, an LDAP authzID [AUTH]
* to be passed to the SASL layer. If null or empty,
* the authzId will be treated as an empty string
* and processed as per RFC 2222 [SASL].
* @param props Optional qualifiers for the authentication session
* @param cbh a class which the SASL framework can call to
* obtain additional required information
* @param cons preferences for the bind operation
* @exception LDAPException Failed to authenticate to the LDAP server.
*/
public void bind( String dn,
String authzid,
Map props,
CallbackHandler cbh,
LDAPConstraints cons )
throws LDAPException {
if ( !isConnected() ) {
connect();
}
// Get the list of mechanisms from the server
String[] attrs = { "supportedSaslMechanisms" };
LDAPEntry entry = read( "", attrs );
LDAPAttribute attr = entry.getAttribute( attrs[0] );
if ( attr == null ) {
throw new LDAPException( "Not found in root DSE: " +
attrs[0],
LDAPException.NO_SUCH_ATTRIBUTE );
}
bind( dn, authzid, attr.getStringValueArray(), props, cbh, cons );
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and a specified SASL mechanism
* or set of mechanisms. If the requested SASL mechanism is not
* available, an exception is thrown. If the object has been
* disconnected from an LDAP server, this method attempts to reconnect
* to the server. If the object had already authenticated, the old
* authentication is discarded.
*
* @param dn if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name
* @param authzid If not null and not empty, an LDAP authzID [AUTH]
* to be passed to the SASL layer. If null or empty,
* the authzId will be treated as an empty string
* and processed as per RFC 2222 [SASL].
* @param props Optional qualifiers for the authentication session
* @param mechanisms a list of acceptable mechanisms. The first one
* for which a Mechanism Driver can be instantiated is returned.
* @param cbh a class which the SASL framework can call to
* obtain additional required information
* @exception LDAPException Failed to authenticate to the LDAP server.
* @see org.ietf.ldap.LDAPConnection#bind(String, String, Map,
* CallbackHandler)
*/
public void bind( String dn,
String authzid,
String[] mechanisms,
Map props,
CallbackHandler cbh )
throws LDAPException {
bind( dn, authzid, mechanisms, props, cbh, _defaultConstraints );
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and a specified SASL mechanism
* or set of mechanisms. If the requested SASL mechanism is not
* available, an exception is thrown. If the object has been
* disconnected from an LDAP server, this method attempts to reconnect
* to the server. If the object had already authenticated, the old
* authentication is discarded.
*
* @param dn if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name
* @param authzid If not null and not empty, an LDAP authzID [AUTH]
* to be passed to the SASL layer. If null or empty,
* the authzId will be treated as an empty string
* and processed as per RFC 2222 [SASL].
* @param props Optional qualifiers for the authentication session
* @param mechanisms a list of acceptable mechanisms. The first one
* for which a Mechanism Driver can be instantiated is returned.
* @param cbh a class which the SASL framework can call to
* obtain additional required information
* @param cons preferences for the bind operation
* @exception LDAPException Failed to authenticate to the LDAP server.
* @see org.ietf.ldap.LDAPConnection#bind(String, String, Map,
* CallbackHandler, LDAPConstraints)
*/
public void bind( String dn,
String authzid,
String[] mechanisms,
Map props,
CallbackHandler cbh,
LDAPConstraints cons )
throws LDAPException {
if ( !isConnected() ) {
connect();
} else {
// If the thread has more than one LDAPConnection, then
// we should disconnect first. Otherwise,
// we can reuse the same thread for the rebind.
if (_thread.getClientCount() > 1) {
disconnect();
connect();
}
}
_boundDN = null;
_protocolVersion = 3; // Must be 3 for SASL
if ( props == null ) {
props = new Hashtable();
}
_saslBinder = new LDAPSaslBind( dn, mechanisms,
props, cbh );
_saslCallbackHandler = cbh;
_saslBinder.bind( this );
_authMethod = "sasl";
_boundDN = dn;
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and password. If the object
* has been disconnected from an LDAP server, this method attempts to
* reconnect to the server. If the object had already authenticated, the
* old authentication is discarded.
*
* @param version required LDAP protocol version
* @param dn if non-null and non-empty, specifies that the connection
* and all operations through it should authenticate with dn as the
* distinguished name
* @param passwd if non-null and non-empty, specifies that the connection
* and all operations through it should authenticate with dn as the
* distinguished name and passwd as password
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
*/
public LDAPResponseQueue bind( int version,
String dn,
byte[] passwd,
LDAPResponseQueue listener )
throws LDAPException{
return bind( version, dn, passwd, listener, _defaultConstraints );
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and password. If the object
* has been disconnected from an LDAP server, this method attempts to
* reconnect to the server. If the object had already authenticated, the
* old authentication is discarded.
*
* @param dn if non-null and non-empty, specifies that the connection
* and all operations through it should authenticate with dn as the
* distinguished name
* @param passwd if non-null and non-empty, specifies that the connection
* and all operations through it should authenticate with dn as the
* distinguished name and passwd as password
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
*/
private LDAPResponseQueue bind( String dn,
byte[] passwd,
LDAPResponseQueue listener)
throws LDAPException{
return bind( _protocolVersion, dn, passwd, listener,
_defaultConstraints );
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and password and allows you
* to specify constraints for this LDAP add operation by using an
* LDAPConstraints object. If the object
* has been disconnected from an LDAP server, this method attempts to
* reconnect to the server. If the object had already authenticated, the
* old authentication is discarded.
*
* @param dn if non-null and non-empty, specifies that the connection
* and all operations through it should authenticate with dn as the
* distinguished name
* @param passwd if non-null and non-empty, specifies that the connection
* and all operations through it should authenticate with dn as the
* distinguished name and passwd as password
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons constraints specific to the operation
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
* @see org.ietf.ldap.LDAPConstraints
*/
private LDAPResponseQueue bind( String dn,
byte[] passwd,
LDAPResponseQueue listener,
LDAPConstraints cons )
throws LDAPException{
return bind( _protocolVersion, dn, passwd, listener, cons );
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and password and allows you
* to specify constraints for this LDAP add operation by using an
* LDAPConstraints object. If the object
* has been disconnected from an LDAP server, this method attempts to
* reconnect to the server. If the object had already authenticated, the
* old authentication is discarded.
*
* @param version required LDAP protocol version
* @param dn if non-null and non-empty, specifies that the connection
* and all operations through it should authenticate with dn as the
* distinguished name
* @param passwd if non-null and non-empty, specifies that the connection
* and all operations through it should authenticate with dn as the
* distinguished name and passwd as password
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons constraints specific to the operation
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
* @see org.ietf.ldap.LDAPConstraints
*/
public LDAPResponseQueue bind( int version,
String dn,
byte[] passwd,
LDAPResponseQueue listener,
LDAPConstraints cons )
throws LDAPException{
if (cons == null) {
cons = _defaultConstraints;
}
_prevBoundDN = _boundDN;
_prevBoundPasswd = _boundPasswd;
_boundDN = dn;
_boundPasswd = passwd;
_protocolVersion = version;
if (_thread == null) {
connect();
}
else if (_thread.getClientCount() > 1) {
disconnect();
connect();
}
if (listener == null) {
listener = new LDAPResponseQueue(/*asynchOp=*/true);
}
sendRequest(new JDAPBindRequest(version, _boundDN, _boundPasswd),
listener, cons);
return listener;
}
/**
* Authenticates to the LDAP server (to which the object is currently
* connected) using the specified name and a specified SASL mechanism
* or set of mechanisms. If the requested SASL mechanism is not
* available, an exception is thrown. If the object has been
* disconnected from an LDAP server, this method attempts to reconnect
* to the server. If the object had already authenticated, the old
* authentication is discarded.
*
* @param dn if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name
* @param authzid If not null and not empty, an LDAP authzID [AUTH]
* to be passed to the SASL layer. If null or empty,
* the authzId will be treated as an empty string
* and processed as per RFC 2222 [SASL].
* @param mechanisms a list of acceptable mechanisms. The first one
* for which a Mechanism Driver can be instantiated is returned.
* @param packageName a package containing a SASL ClientFactory,
* e.g. "myclasses.SASL". If null, a system default is used.
* @param cbh a class which the SASL framework can call to
* obtain additional required information
* @exception LDAPException Failed to authenticate to the LDAP server.
* @deprecated Please use authenticate without packageName
* instead.
*/
public void bind( String dn,
String authzid,
String[] mechanisms,
String packageName,
Map props,
CallbackHandler cbh,
LDAPConstraints cons )
throws LDAPException {
if ( props == null ) {
props = new Hashtable();
}
props.put( LDAPSaslBind.CLIENTPKGS, packageName );
bind( dn, authzid, mechanisms, props, cbh, cons );
}
/**
* Creates and returns a copy of the object. The new
* LDAPConnection object contains the same information as
* the original connection, including:
*
* @return the LDAPconnection object representing the
* new object.
*/
public synchronized Object clone() {
try {
LDAPConnection c = (LDAPConnection)super.clone();
if (!isConnected()) {
this.internalBind(_defaultConstraints);
}
c._defaultConstraints =
(LDAPSearchConstraints)_defaultConstraints.clone();
c._responseListeners = null;
c._searchListeners = null;
c._bound = this._bound;
c._connMgr = _connMgr;
c._connSetupDelay = _connSetupDelay;
c._boundDN = this._boundDN;
c._boundPasswd = this._boundPasswd;
c._prevBoundDN = this._prevBoundDN;
c._prevBoundPasswd = this._prevBoundPasswd;
c._anonymousBound = this._anonymousBound;
c.setCache(this._cache); // increments cache reference cnt
c._factory = this._factory;
c._thread = this._thread; /* share current connection thread */
synchronized (_threadConnTable) {
Vector v = (Vector)_threadConnTable.get(this._thread);
if (v != null) {
v.addElement(c);
} else {
printDebug("Failed to clone");
return null;
}
}
c._thread.register(c);
return c;
} catch (Exception e) {
}
return null;
}
/**
* Checks to see if an entry contains an attribute with a specified value.
* Returns true if the entry has the value. Returns
* false if the entry does not have the value or the
* attribute. To represent the value that you want compared, you need
* to create an LDAPAttribute object.
* * Note that only string values can be compared.
* * For example, the following section of code checks to see if the entry * "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US" contains * the attribute "mail" with the value "bjensen@aceindustry.com". * *
* ...
* LDAPConnection myConn = new LDAPConnection();
* ...
* String myDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* String nameOfAttr = "mail";
* String valOfAttr = "bjensen@aceindustry.com";
* LDAPAttribute cmpThisAttr = new LDAPAttribute( nameOfAttr, valOfAttr );
* boolean hasValue = myConn.compare( myDN, cmpThisAttr );
* if ( hasValue ) {
* System.out.println( "Attribute and value found in entry." );
* } else {
* System.out.println( "Attribute and value not found in entry." );
* }
* ...
*
* @param DN the distinguished name of the entry to use in
* the comparison
* @param attr the attribute to compare against the entry.
* (The method checks to see if the entry has an attribute with the same name
* and value as this attribute.)
* @return true if the entry contains the specified attribute and value.
* @exception LDAPException Failed to perform the comparison.
* @see org.ietf.ldap.LDAPAttribute
*/
public boolean compare( String DN, LDAPAttribute attr )
throws LDAPException {
return compare( DN, attr, _defaultConstraints );
}
public boolean compare( String DN, LDAPAttribute attr,
LDAPConstraints cons ) throws LDAPException {
internalBind(cons);
LDAPResponseQueue myListener = getResponseListener ();
Enumeration en = attr.getStringValues();
String val = (String)en.nextElement();
JDAPAVA ass = new JDAPAVA(attr.getName(), val);
LDAPMessage response;
try {
sendRequest (new JDAPCompareRequest (DN, ass), myListener, cons);
response = myListener.getResponse ();
int resultCode = ((JDAPResult)response.getProtocolOp()).getResultCode();
if (resultCode == JDAPResult.COMPARE_FALSE) {
return false;
}
if (resultCode == JDAPResult.COMPARE_TRUE) {
return true;
}
checkMsg (response);
} catch (LDAPReferralException e) {
Vector res = new Vector();
performReferrals(e, cons, JDAPProtocolOp.COMPARE_REQUEST,
DN, 0, null, null, false, null, null, attr, res);
boolean bool = false;
if (res.size() > 0) {
bool = ((Boolean)res.elementAt(0)).booleanValue();
}
return bool;
} finally {
releaseResponseListener (myListener);
}
return false; /* this should never be executed */
}
/**
* @deprecated Please use the method signature where cons is
* LDAPConstraints instead of LDAPSearchConstraints
*/
public boolean compare( String DN,
LDAPAttribute attr,
LDAPSearchConstraints cons ) throws LDAPException {
return compare( DN, attr, (LDAPConstraints)cons );
}
/**
* Compare an attribute value with one in the directory. The result can
* be obtained by calling getResultCode on the
* LDAPResponse from the LDAPResponseQueue.
* The code will be LDAPException.COMPARE_TRUE or
* LDAPException.COMPARE_FALSE.
*
* @param dn distinguished name of the entry to compare
* @param attr attribute with a value to compare
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
*/
public LDAPResponseQueue compare( String dn,
LDAPAttribute attr,
LDAPResponseQueue listener )
throws LDAPException {
return compare( dn, attr, listener, _defaultConstraints );
}
/**
* Compare an attribute value with one in the directory. The result can
* be obtained by calling getResultCode on the
* LDAPResponse from the LDAPResponseQueue.
* The code will be LDAPException.COMPARE_TRUE or
* LDAPException.COMPARE_FALSE.
*
* @param dn distinguished name of the entry to compare
* @param attr attribute with a value to compare
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons constraints specific to this operation
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
*/
public LDAPResponseQueue compare( String dn,
LDAPAttribute attr,
LDAPResponseQueue listener,
LDAPConstraints cons )
throws LDAPException {
if (cons == null) {
cons = _defaultConstraints;
}
internalBind (cons);
if (listener == null) {
listener = new LDAPResponseQueue(/*asynchOp=*/true);
}
Enumeration en = attr.getStringValues();
String val = (String)en.nextElement();
JDAPAVA ava = new JDAPAVA(attr.getName(), val);
sendRequest (new JDAPCompareRequest (dn, ava), listener, cons);
return listener;
}
/**
* Connects to the specified host and port. If this LDAPConnection object
* represents an open connection, the connection is closed first
* before the new connection is opened.
* * * For example, the following section of code establishes a connection with * the LDAP server running on the host ldap.netscape.com and the port 389. *
* *
* String ldapHost = "ldap.netscape.com";
* int ldapPort = 389;
* LDAPConnection myConn = new LDAPConnection();
* try {
* myConn.connect( ldapHost, ldapPort );
* } catch ( LDAPException e ) {
* System.out.println( "Unable to connect to " + ldapHost +
* " at port " + ldapPort );
* return;
* }
* System.out.println( "Connected to " + ldapHost + " at port " + ldapPort )
*
*
* You can limit the time spent waiting for the connection to be established
* by calling setConnectTimeout before connect.
*
* @param host host name of the LDAP server to which you want to connect.
* This value can also be a space-delimited list of hostnames or
* hostnames and port numbers (using the syntax
* hostname:portnumber). For example, you can specify
* the following values for the host argument:
*
* myhost
* myhost hishost:389 herhost:5000 whathost
* myhost:686 myhost:389 hishost:5000 whathost:1024
*
* If multiple servers are specified in the host list, the connection
* setup policy specified with the ConnSetupDelay property controls
* whether connection attempts are made serially or concurrently.
*
* @param port port number of the LDAP server to which you want to connect.
* This parameter is ignored for any host in the host
* parameter which includes a colon and port number.
* @exception LDAPException The connection failed.
* @see org.ietf.ldap.LDAPConnection#setConnSetupDelay
* @see org.ietf.ldap.LDAPConnection#setConnectTimeout
*/
public void connect(String host, int port) throws LDAPException {
connect( host, port, null, null, _defaultConstraints, false );
}
/**
* Connects to the specified host and port and uses the specified DN and
* password to authenticate to the server. If this LDAPConnection object
* represents an open connection, the connection is closed first
* before the new connection is opened.
*
* * For example, the following section of code establishes a connection * with the LDAP server running on ldap.netscape.com at port 389. The * example also attempts to authenticate the client as Barbara Jensen. *
* *
* String ldapHost = "ldap.netscape.com";
* int ldapPort = 389;
* String myDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* String myPW = "hifalutin";
* LDAPConnection myConn = new LDAPConnection();
* try {
* myConn.connect( ldapHost, ldapPort, myDN, myPW );
* } catch ( LDAPException e ) {
* switch( e.getResultCode() ) {
* case e.NO_SUCH_OBJECT:
* System.out.println( "The specified user does not exist." );
* break;
* case e.INVALID_CREDENTIALS:
* System.out.println( "Invalid password." );
* break;
* default:
* System.out.println( "Error number: " + e.getResultCode() );
* System.out.println( "Failed to connect to " + ldapHost + " at port " + ldapPort );
* break;
* }
* return;
* }
* System.out.println( "Connected to " + ldapHost + " at port " + ldapPort );
*
*
* You can limit the time spent waiting for the connection to be established
* by calling setConnectTimeout before connect.
*
* @param host host name of the LDAP server to which you want to connect.
* This value can also be a space-delimited list of hostnames or
* hostnames and port numbers (using the syntax
* hostname:portnumber). For example, you can specify
* the following values for the host argument:
*
* myhost
* myhost hishost:389 herhost:5000 whathost
* myhost:686 myhost:389 hishost:5000 whathost:1024
*
* If multiple servers are specified in the host list, the connection
* setup policy specified with the ConnSetupDelay property controls
* whether connection attempts are made serially or concurrently.
*
* @param port port number of the LDAP server to which you want to connect.
* This parameter is ignored for any host in the host
* parameter which includes a colon and port number.
* @param dn distinguished name used for authentication
* @param passwd password used for authentication
* @exception LDAPException The connection or authentication failed.
* @see org.ietf.ldap.LDAPConnection#setConnSetupDelay
* @see org.ietf.ldap.LDAPConnection#setConnectTimeout
*/
private void connect(String host, int port, String dn, byte[] passwd)
throws LDAPException {
connect(host, port, dn, passwd, _defaultConstraints, true);
}
/**
* Connects to the specified host and port and uses the specified DN and
* password to authenticate to the server. If this LDAPConnection object
* represents an open connection, the connection is closed first
* before the new connection is opened. This method allows the user to
* specify the preferences for the bind operation.
*
* You can limit the time spent waiting for the connection to be established
* by calling setConnectTimeout before connect.
*
* @param host host name of the LDAP server to which you want to connect.
* This value can also be a space-delimited list of hostnames or
* hostnames and port numbers (using the syntax
* hostname:portnumber). For example, you can specify
* the following values for the host argument:
*
* myhost
* myhost hishost:389 herhost:5000 whathost
* myhost:686 myhost:389 hishost:5000 whathost:1024
*
* If multiple servers are specified in the host list, the connection
* setup policy specified with the ConnSetupDelay property controls
* whether connection attempts are made serially or concurrently.
*
* @param port port number of the LDAP server to which you want to connect.
* This parameter is ignored for any host in the host
* parameter which includes a colon and port number.
* @param dn distinguished name used for authentication
* @param passwd password used for authentication
* @param cons preferences for the bind operation
* @exception LDAPException The connection or authentication failed.
* @see org.ietf.ldap.LDAPConnection#setConnSetupDelay
* @see org.ietf.ldap.LDAPConnection#setConnectTimeout
*/
private void connect(String host, int port, String dn, byte[] passwd,
LDAPConstraints cons) throws LDAPException {
connect(host, port, dn, passwd, cons, true);
}
private void connect(String host, int port, String dn, byte[] passwd,
LDAPConstraints cons, boolean doAuthenticate)
throws LDAPException {
if ( isConnected() ) {
disconnect ();
}
if ((host == null) || (host.equals(""))) {
throw new LDAPException ( "no host for connection",
LDAPException.PARAM_ERROR );
}
/* Parse the list of hosts */
int defaultPort = port;
StringTokenizer st = new StringTokenizer( host );
String hostList[] = new String[st.countTokens()];
int portList[] = new int[st.countTokens()];
int i = 0;
while( st.hasMoreTokens() ) {
String s = st.nextToken();
int colon = s.indexOf( ':' );
if ( colon > 0 ) {
hostList[i] = s.substring( 0, colon );
portList[i] = Integer.parseInt( s.substring( colon+1 ) );
} else {
hostList[i] = s;
portList[i] = defaultPort;
}
i++;
}
/* Create the Connection Setup Manager */
_connMgr = new LDAPConnSetupMgr(hostList, portList, _factory);
_connMgr.setConnSetupDelay(_connSetupDelay);
_connMgr.setConnectTimeout(_connectTimeout);
connect();
if ( doAuthenticate ) {
bind( dn, passwd, cons );
}
}
/**
* Connects to the specified host and port and uses the specified DN and
* password to authenticate to the server, with the specified LDAP
* protocol version. If the server does not support the requested
* protocol version, an exception is thrown. If this LDAPConnection
* object represents an open connection, the connection is closed first
* before the new connection is opened. This is equivalent to
* connect(host, port) followed by bind(version, dn, passwd).
*
* @param version requested version of LDAP: currently 2 or 3
* @param host a hostname to which to connect or a dotted string representing
* the IP address of this host.
* Alternatively, this can be a space-delimited list of host names.
* Each host name may include a trailing colon and port number. In the
* case where more than one host name is specified, the connection setup
* policy specified with the ConnSetupDelay property controls
* whether connection attempts are made serially or concurrently.
* *
* Examples:
* "directory.knowledge.com"
* "199.254.1.2"
* "directory.knowledge.com:1050 people.catalog.com 199.254.1.2"
*
* @param port the TCP or UDP port number to which to connect or contact.
* The default LDAP port is 389. "port" is ignored for any host name which
* includes a colon and port number.
* @param dn if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name
* @param passwd if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name and passwd as password.
* @exception LDAPException The connection or authentication failed.
* @see org.ietf.ldap.LDAPConnection#setConnSetupDelay
*/
private void connect(int version, String host, int port, String dn,
byte[] passwd) throws LDAPException {
connect(version, host, port, dn, passwd, _defaultConstraints);
}
/**
* Connects to the specified host and port and uses the specified DN and
* password to authenticate to the server, with the specified LDAP
* protocol version. If the server does not support the requested
* protocol version, an exception is thrown. This method allows the user
* to specify preferences for the bind operation. If this LDAPConnection
* object represents an open connection, the connection is closed first
* before the new connection is opened. This is equivalent to
* connect(host, port) followed by bind(version, dn, passwd).
*
* @param version requested version of LDAP: currently 2 or 3
* @param host a hostname to which to connect or a dotted string representing
* the IP address of this host.
* Alternatively, this can be a space-delimited list of host names.
* Each host name may include a trailing colon and port number. In the
* case where more than one host name is specified, the connection setup
* policy specified with the ConnSetupDelay property controls
* whether connection attempts are made serially or concurrently.
* *
* Examples:
* "directory.knowledge.com"
* "199.254.1.2"
* "directory.knowledge.com:1050 people.catalog.com 199.254.1.2"
*
* @param port the TCP or UDP port number to which to connect or contact.
* The default LDAP port is 389. "port" is ignored for any host name which
* includes a colon and port number.
* @param dn if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name
* @param passwd if non-null and non-empty, specifies that the connection and
* all operations through it should authenticate with dn as the
* distinguished name and passwd as password
* @param cons preferences for the bind operation
* @exception LDAPException The connection or authentication failed.
* @see org.ietf.ldap.LDAPConnection#setConnSetupDelay
*/
private void connect(int version, String host, int port, String dn,
byte[] passwd, LDAPConstraints cons) throws LDAPException {
setProtocolVersion(version);
connect(host, port, dn, passwd, cons);
}
/**
* @deprecated Please use the method signature where cons is
* LDAPConstraints instead of LDAPSearchConstraints
*/
private void connect(int version, String host, int port, String dn,
byte[] passwd, LDAPSearchConstraints cons) throws LDAPException {
connect(version, host, port, dn, passwd, (LDAPConstraints)cons);
}
/**
* Internal routine to connect with internal params
* @exception LDAPException failed to connect
*/
private synchronized void connect () throws LDAPException {
if ( isConnected() ) {
return;
}
if (_connMgr == null) {
throw new LDAPException ( "no connection parameters",
LDAPException.PARAM_ERROR );
}
_connMgr.openConnection();
_thread = getNewThread(_connMgr, _cache);
authenticateSSLConnection();
}
/**
* Deletes the entry for the specified DN from the directory. * * For example, the following section of code deletes the entry for * Barbara Jensen from the directory.
* *
* ...
* String myEntryDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* myConn.delete( myEntryDN );
* ...
*
* @param DN distinguished name identifying the entry
* to remove from the directory
* @exception LDAPException Failed to delete the specified entry from
* the directory.
*/
public void delete( String DN ) throws LDAPException {
delete(DN, _defaultConstraints);
}
/**
* Deletes the entry for the specified DN from the directory and
* allows you to specify preferences for this LDAP delete operation
* by using an LDAPConstraints object. For
* example, you can specify whether or not to follow referrals.
* You can also apply LDAP v3 controls to the operation.
*
*
* @param DN distinguished name identifying the entry
* to remove from the directory
* @param cons the set of preferences to apply to this operation
* @exception LDAPException Failed to delete the specified entry from
* the directory.
* @see org.ietf.ldap.LDAPConstraints
*/
public void delete( String DN, LDAPConstraints cons )
throws LDAPException {
internalBind (cons);
LDAPResponseQueue myListener = getResponseListener ();
LDAPMessage response;
try {
sendRequest (new JDAPDeleteRequest (DN), myListener, cons);
response = myListener.getResponse();
checkMsg (response);
} catch (LDAPReferralException e) {
performReferrals(e, cons, JDAPProtocolOp.DEL_REQUEST,
DN, 0, null, null, false, null, null, null, null);
} finally {
releaseResponseListener (myListener);
}
}
/**
* Deletes the entry for the specified DN from the directory.
*
* @param dn distinguished name of the entry to delete
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
* @see org.ietf.ldap.LDAPConstraints
*/
public LDAPResponseQueue delete( String dn,
LDAPResponseQueue listener )
throws LDAPException {
return delete( dn, listener, _defaultConstraints );
}
/**
* Deletes the entry for the specified DN from the directory.
*
* @param dn distinguished name of the entry to delete
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons constraints specific to the operation
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
* @see org.ietf.ldap.LDAPConstraints
*/
public LDAPResponseQueue delete( String dn,
LDAPResponseQueue listener,
LDAPConstraints cons )
throws LDAPException {
if (cons == null) {
cons = _defaultConstraints;
}
internalBind (cons);
if (listener == null) {
listener = new LDAPResponseQueue(/*asynchOp=*/true);
}
sendRequest (new JDAPDeleteRequest(dn), listener, cons);
return listener;
}
/**
* Disconnects from the LDAP server. Before you can perform LDAP operations
* again, you need to reconnect to the server by calling
* connect.
* @exception LDAPException Failed to disconnect from the LDAP server.
* @see org.ietf.ldap.LDAPConnection#connect(java.lang.String, int)
*/
public synchronized void disconnect() throws LDAPException {
if (!isConnected())
throw new LDAPException ( "unable to disconnect() without connecting",
LDAPException.OTHER );
// Clone the Connection Setup Manager if the connection is shared
if (_thread.isRunning() && _thread.getClientCount() > 1) {
_connMgr = (LDAPConnSetupMgr) _connMgr.clone();
_connMgr.disconnect();
}
if (_referralConnection != null && _referralConnection.isConnected()) {
_referralConnection.disconnect();
}
_referralConnection = null;
if (_cache != null) {
_cache.removeReference();
_cache = null;
}
deleteThreadConnEntry();
deregisterConnection();
}
/**
* Performs an extended operation on the directory. Extended operations
* are part of version 3 of the LDAP protocol.
* * Note that in order for the extended operation to work, the server * that you are connecting to must support LDAP v3 and must be configured * to process the specified extended operation. * * @param op LDAPExtendedOperation object specifying the OID of the * extended operation and the data to use in the operation * @exception LDAPException Failed to execute the operation * @return LDAPExtendedOperation object representing the extended response * returned by the server. * @see org.ietf.ldap.LDAPExtendedOperation */ public LDAPExtendedOperation extendedOperation( LDAPExtendedOperation op ) throws LDAPException { return extendedOperation(op, _defaultConstraints); } /** * Performs an extended operation on the directory. Extended operations * are part of version 3 of the LDAP protocol. This method allows the * user to set the preferences for the operation.
* * Note that in order for the extended operation to work, the server * that you are connecting to must support LDAP v3 and must be configured * to process the specified extended operation. * * @param op LDAPExtendedOperation object specifying the OID of the * extended operation and the data to use in the operation * @param cons preferences for the extended operation * @exception LDAPException Failed to execute the operation * @return LDAPExtendedOperation object representing the extended response * returned by the server. * @see org.ietf.ldap.LDAPExtendedOperation */ public LDAPExtendedOperation extendedOperation( LDAPExtendedOperation op, LDAPConstraints cons ) throws LDAPException { internalBind (cons); LDAPResponseQueue myListener = getResponseListener (); LDAPMessage response = null; byte[] results = null; String resultID; try { sendRequest ( new JDAPExtendedRequest( op.getID(), op.getValue() ), myListener, cons ); response = myListener.getResponse(); checkMsg (response); JDAPExtendedResponse res = (JDAPExtendedResponse)response.getProtocolOp(); results = res.getValue(); resultID = res.getID(); } catch (LDAPReferralException e) { return performExtendedReferrals( e, cons, op ); } finally { releaseResponseListener (myListener); } return new LDAPExtendedOperation( resultID, results ); } /** * Performs an extended operation on the directory. Extended operations * are part of version 3 of the LDAP protocol.
* * Note that in order for the extended operation to work, the server * that you are connecting to must support LDAP v3 and must be configured * to process the specified extended operation. * * @param op LDAPExtendedOperation object specifying the OID of the * extended operation and the data to use in the operation * @param queue handler for messages returned from a server in response * to this request. If it is null, a listener object is created internally. * @exception LDAPException Failed to execute the operation * @return LDAPExtendedOperation object representing the extended response * returned by the server. * @see org.ietf.ldap.LDAPExtendedOperation */ public LDAPResponseQueue extendedOperation( LDAPExtendedOperation op, LDAPResponseQueue queue ) throws LDAPException { return extendedOperation( op, queue, _defaultConstraints ); } /** * Performs an extended operation on the directory. Extended operations * are part of version 3 of the LDAP protocol.
*
* Note that in order for the extended operation to work, the server
* that you are connecting to must support LDAP v3 and must be configured
* to process the specified extended operation.
*
* @param op LDAPExtendedOperation object specifying the OID of the
* extended operation and the data to use in the operation
* @param queue handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons the set of preferences to apply to this operation
* @exception LDAPException Failed to execute the operation
* @return LDAPExtendedOperation object representing the extended response
* returned by the server.
* @see org.ietf.ldap.LDAPExtendedOperation
*/
public LDAPResponseQueue extendedOperation(
LDAPExtendedOperation op,
LDAPResponseQueue queue,
LDAPConstraints cons )
throws LDAPException {
return null;
}
/**
* Finalize method, which disconnects from the LDAP server
* @exception LDAPException Thrown on error in disconnecting
*/
protected void finalize() throws LDAPException {
if (isConnected()) {
disconnect();
}
}
/**
* Returns the distinguished name (DN) used for authentication over
* this connection.
* @return distinguished name used for authentication over this connection.
*/
public String getAuthenticationDN () {
return _boundDN;
}
/**
* Returns the password used for authentication over this connection.
* @return password used for authentication over this connection.
*/
byte[] getAuthenticationPassword () {
return _boundPasswd;
}
/**
* Gets the authentication method used to bind:
* "none", "simple", or "sasl"
*
* @return the authentication method, or "none"
*/
public String getAuthenticationMethod() {
return isConnected() ? _authMethod : "none";
}
/**
* Gets the LDAPCache object associated with
* the current LDAPConnection object.
*
*
* @return the LDAPCache object representing
* the cache that the current connection should use
* @see org.ietf.ldap.LDAPCache
* @see org.ietf.ldap.LDAPConnection#setCache(org.ietf.ldap.LDAPCache)
*/
public LDAPCache getCache() {
return _cache;
}
/**
* Returns the maximum time to wait for the connection to be established.
* @return the maximum connect time in seconds or 0 (unlimited)
* @see org.ietf.ldap.LDAPConnection#setConnectTimeout
*/
public int getConnectTimeout () {
return _connectTimeout;
}
/**
* Returns the delay in seconds when making concurrent connection attempts to
* multiple servers.
* @return the delay in seconds between connection attempts:
* NODELAY_SERIAL The serial connection setup policy is enabled
* (no concurrency).
* NODELAY_PARALLEL The parallel connection setup policy with no delay
* is enabled.
* delay > 0 The parallel connection setup policy with the delay of
* delay seconds is enabled.
* @see org.ietf.ldap.LDAPConnection#setConnSetupDelay
*/
public int getConnSetupDelay () {
return _connSetupDelay;
}
/**
* Returns the set of constraints that apply to all operations
* performed through this connection (unless you specify a different
* set of constraints when calling a method).
*
*
* Note that if you want to get individual constraints (rather than
* getting the
* entire set of constraints), call the getOption method.
*
*
* Typically, you might call the getConstraints method
* to create a slightly different set of constraints for a particular
* operation.
*
* * For example, the following section of code changes the timeout * to 3000 milliseconds for a specific rename. Rather than construct a new * set of constraints from scratch, the example gets the current * settings for the connections and just changes the setting for the * timeout. *
* * Note that this change only applies to the searches performed with this * custom set of constraints. All other searches performed through this * connection use the original set of search constraints. *
* *
* ...
* LDAPConstraints myOptions = ld.getConstraints();
* myOptions.setTimeout( 3000 );
* ld.search( "cn=William Jensen, ou=Accounting, o=Ace Industry,c=US",
* "cn=Will Jensen",
* null,
* false,
* myOptions );
* ...
*
*
* @return a copy of the LDAPConstraints object representing the
* set of constraints that apply (by default) to all operations
* performed through this connection.
* @see org.ietf.ldap.LDAPConstraints
* @see org.ietf.ldap.LDAPConnection#getOption
*/
public LDAPConstraints getConstraints () {
return (LDAPConstraints)getSearchConstraints();
}
/**
* Returns the host name of the LDAP server to which you are connected.
* @return host name of the LDAP server.
*/
public String getHost () {
if (_connMgr != null) {
return _connMgr.getHost();
}
return null;
}
/**
* Gets the stream for reading from the listener socket
*
* @return the stream for reading from the listener socket, or
* null if there is none
*/
public InputStream getInputStream() {
return (_thread != null) ? _thread.getInputStream() : null;
}
/**
* Gets the stream for writing to the socket
*
* @return the stream for writing to the socket, or
* null if there is none
*/
public OutputStream getOutputStream() {
return (_thread != null) ? _thread.getOutputStream() : null;
}
/**
* Returns the port number of the LDAP server to which you are connected.
* @return port number of the LDAP server.
*/
public int getPort () {
if (_connMgr != null) {
return _connMgr.getPort();
}
return -1;
}
/**
* Gets a property of a connection. * * You can get the following properties for a given connection:
*
LDAP_PROPERTY_SDK
* To get the version of this SDK, get this property. The value of
* this property is of the type Float.
*
LDAP_PROPERTY_PROTOCOL
* To get the highest supported version of the LDAP protocol, get
* this property.
* The value of this property is of the type Float.
*
LDAP_PROPERTY_SECURITY
* To get a comma-separated list of the types of authentication
* supported, get this property. The value of this property is of the
* type String.
*
* * For example, the following section of code gets the version of * the SDK.
* *
* ...
* Float sdkVersion = ( Float )myConn.getProperty( myConn.LDAP_PROPERTY_SDK );
* System.out.println( "SDK version: " + sdkVersion );
* ...
*
* @param name name of the property (for example, LDAP_PROPERTY_SDK) * * @return the value of the property.
*
* Since the return value is an object, you should recast it as the appropriate type.
* (For example, when getting the LDAP_PROPERTY_SDK property,
* recast the return value as a Float.)
* * If you pass this method an unknown property name, the method * returns null.
* * @exception LDAPException Unable to get the value of the * specified property.
* * @see org.ietf.ldap.LDAPConnection#LDAP_PROPERTY_SDK * @see org.ietf.ldap.LDAPConnection#LDAP_PROPERTY_PROTOCOL * @see org.ietf.ldap.LDAPConnection#LDAP_PROPERTY_SECURITY */ public Object getProperty(String name) throws LDAPException { return _properties.get( name ); } /** * Returns the protocol version that the connection is bound to (which * currently is 3). If the connection is not bound, it returns 3. * * @return the protocol version that the connection is bound to */ public int getProtocolVersion() { return _protocolVersion; } /** * Returns an array of the latest controls (if any) from server. *
* To retrieve the controls from a search result, call the
*
*
* Note that if you want to get individual constraints (rather than
* getting the
* entire set of constraints), call the
*
* Typically, you might call the
*
* For example, the following section of code changes the maximum number
* of results to 10 for a specific search. Rather than construct a new
* set of search constraints from scratch, the example gets the current
* settings for the connections and just changes the setting for the
* maximum results.
*
*
* Note that this change only applies to the searches performed with this
* custom set of constraints. All other searches performed through this
* connection use the original set of search constraints.
*
*
*
*
* @return the object representing the socket factory used to
* establish a connection to a server.
* @see org.ietf.ldap.LDAPSocketFactory
* @see org.ietf.ldap.LDAPSSLSocketFactory
* @see org.ietf.ldap.LDAPConnection#setSocketFactory(org.ietf.ldap.LDAPSocketFactory)
*/
public LDAPSocketFactory getSocketFactory () {
return _factory;
}
/**
* Indicates whether this client has authenticated to the LDAP server
* (other than anonymously with simple bind)
*
* @return
*
* Use the
*
* For example, the following section of code changes Barbara Jensen's email
* address in the directory to babs@aceindustry.com.
*
*
*
* @param DN the distinguished name of the entry to modify
* @param mod a single change to make to the entry
* @param cons the set of preferences to apply to this operation
* @exception LDAPException Failed to make the specified change to the
* directory entry.
* @see org.ietf.ldap.LDAPModification
* @see org.ietf.ldap.LDAPConstraints
*/
public void modify( String DN, LDAPModification mod,
LDAPConstraints cons ) throws LDAPException {
LDAPModification[] mods = { mod };
modify( DN, mods, cons );
}
/**
* Makes a set of changes to an existing entry in the directory
* (for example, changes attribute values, adds new attribute values,
* or removes existing attribute values).
*
* Use an array of
*
* @param DN the distinguished name of the entry to modify
* @param mods an array of objects representing the changes to make
* to the entry
* @exception LDAPException Failed to make the specified changes to the
* directory entry.
* @see org.ietf.ldap.LDAPModification
*/
public void modify( String DN, LDAPModification[] mods )
throws LDAPException {
modify( DN, mods, _defaultConstraints );
}
/**
* Makes a set of changes to an existing entry in the directory and
* allows you to specify preferences for this LDAP modify operation
* by using an
*
* @param DN the distinguished name of the entry to modify
* @param mods an array of objects representing the changes to make
* to the entry
* @param cons the set of preferences to apply to this operation
* @exception LDAPException Failed to make the specified changes to the
* directory entry.
* @see org.ietf.ldap.LDAPModification
* @see org.ietf.ldap.LDAPConstraints
*/
public void modify( String DN, LDAPModification[] mods,
LDAPConstraints cons ) throws LDAPException {
internalBind (cons);
LDAPResponseQueue myListener = getResponseListener ();
LDAPMessage response = null;
try {
sendRequest (new JDAPModifyRequest (DN, mods), myListener, cons);
response = myListener.getResponse();
checkMsg (response);
} catch (LDAPReferralException e) {
performReferrals(e, cons, JDAPProtocolOp.MODIFY_REQUEST,
DN, 0, null, null, false, mods, null, null, null);
} finally {
releaseResponseListener (myListener);
}
}
/**
* Makes a single change to an existing entry in the directory. For
* example, it changes the value of an attribute, adds a new attribute
* value, or removes an existing attribute value).
*
* For example, the following section of code reads the entry for
* Barbara Jensen and retrieves all attributes for that entry.
*
*
*
*
* For example, the following section of code reads the entry for
* Barbara Jensen and retrieves all attributes for that entry.
*
*
*
*
* For example, the following section of code reads the entry for
* Barbara Jensen and retrieves only the
*
*
*
* For example, the following section of code reads the entry for
* Barbara Jensen and retrieves only the
*
*
*
* When you call this method, a new connection is created automatically,
* using the host and port specified in the URL. After finding the entry,
* the method closes this connection (in other words, it disconnects from
* the LDAP server).
*
* If the URL specifies a filter and scope, these are not used.
* Of the information specified in the URL, this method only uses
* the LDAP host name and port number, the base distinguished name (DN),
* and the list of attributes to return.
*
* The method returns the entry specified by the base DN.
*
* (Note: If you want to search for more than one entry, use the
*
*
* For example, the following section of code reads the entry specified
* by the LDAP URL.
*
*
*
*
* When you call this method, a new connection is created automatically,
* using the host and port specified in the URL. After finding the entry,
* the method closes this connection (in other words, it disconnects from
* the LDAP server).
*
* If the URL specifies a filter and scope, these are not used.
* Of the information specified in the URL, this method only uses
* the LDAP host name and port number, the base distinguished name (DN),
* and the list of attributes to return.
*
* The method returns the entry specified by the base DN.
*
* (Note: If you want to search for more than one entry, use the
*
*
* For example, the following section of code reads the entry specified
* by the LDAP URL.
*
*
*
*
* You can specify whether or not the original name of the entry is
* retained as a value in the entry. For example, suppose you rename
* the entry "cn=Barbara" to "cn=Babs". You can keep "cn=Barbara"
* as a value in the entry so that the cn attribute has two values:
*
*
*
*
*
* You can specify whether or not the original name of the entry is
* retained as a value in the entry. For example, suppose you rename
* the entry "cn=Barbara" to "cn=Babs". You can keep "cn=Barbara"
* as a value in the entry so that the cn attribute has two values:
*
*
*
*
*
* NOTE: Netscape Directory Server 3.0 does not support the
* capability to move an entry to a different location in the
* directory tree. If you specify a value for the
*
* @param DN current distinguished name of the entry
* @param newRDN new relative distinguished name for the entry (for example,
* "cn=newName")
* @param newParentDN if not null, the distinguished name for the
* entry under which the entry should be moved (for example, to move
* an entry under the Accounting subtree, specify this argument as
* "ou=Accounting, o=Ace Industry, c=US")
* @param deleteOldRDN if
*
* NOTE: Netscape Directory Server 3.0 does not support the
* capability to move an entry to a different location in the
* directory tree. If you specify a value for the
*
* @param DN current distinguished name of the entry
* @param newRDN new relative distinguished name for the entry (for example,
* "cn=newName")
* @param newParentDN if not null, the distinguished name for the
* entry under which the entry should be moved (for example, to move
* an entry under the Accounting subtree, specify this argument as
* "ou=Accounting, o=Ace Industry, c=US")
* @param deleteOldRDN if
*
* For example, the following section of code searches for all entries under
* the
*
*
*
* To abandon the search, use the
*
* As part of the search constraints, you can specify whether or not you
* want the results delivered all at once or in smaller batches.
* If you specify the results delivered in smaller
* batches, each iteration blocks until the next batch of results is
* returned.
*
* For example, the following section of code retrieves the first 5
* matching entries for the search specified by the LDAP URL. The
* example accomplishes this by creating a new set of search
* constraints where the maximum number of search results is 5.
*
*
*
* To abandon the search, use the
*
* For example, the following section of code searches for all entries under
* the
*
*
*
* To abandon the search, use the
*
*
*
*
* @param filter search filter specifying the search criteria
* @param attrs list of attributes that you want returned in the
* search results
* @param attrsOnly if true, returns the names but not the values of the
* attributes found. If false, returns the names and values for
* attributes found
* @return LDAPSearchResults the results of the search as an enumeration.
* @exception LDAPException Failed to complete the specified search.
* @see org.ietf.ldap.LDAPConnection#abandon(org.ietf.ldap.LDAPSearchResults)
*/
public LDAPSearchResults search( String base,
int scope,
String filter,
String[] attrs,
boolean attrsOnly ) throws LDAPException {
return search( base, scope, filter, attrs, attrsOnly,
_defaultConstraints );
}
/**
* Performs the search specified by the criteria that you enter.
* This method also allows you to specify constraints for the search
* (such as the maximum number of entries to find or the
* maximum time to wait for search results).
*
* As part of the search constraints, you can specify whether or not
* you want the
* results delivered all at once or in smaller batches. If you
* specify that you want the results delivered in smaller batches,
* each iteration blocks until the
* next batch of results is returned.
*
* For example, the following section of code retrieves the first 5 entries
* matching the specified search criteria. The example accomplishes
* this by creating a new set of search constraints where the maximum
* number of search results is 5.
*
*
*
* To abandon the search, use the
*
*
*
*
* @param filter search filter specifying the search criteria
* @param attrs list of attributes to return in the search
* results
* @param cons constraints specific to this search (for example, the
* maximum number of entries to return)
* @param attrsOnly if true, returns the names but not the values of the
* attributes found. If false, returns the names and values for
* attributes found
* @return LDAPSearchResults the results of the search as an enumeration.
* @exception LDAPException Failed to complete the specified search.
* @see org.ietf.ldap.LDAPConnection#abandon(org.ietf.ldap.LDAPSearchResults)
*/
public LDAPSearchResults search( String base,
int scope,
String filter,
String[] attrs,
boolean attrsOnly,
LDAPSearchConstraints cons )
throws LDAPException {
if (cons == null) {
cons = _defaultConstraints;
}
LDAPSearchResults returnValue =
new LDAPSearchResults( this, cons, base, scope, filter,
attrs, attrsOnly );
Vector cacheValue = null;
Long key = null;
boolean isKeyValid = true;
try {
// get entry from cache which is a vector of JDAPMessages
if ( _cache != null ) {
// create key for cache entry using search arguments
key = _cache.createKey( getHost(), getPort(),base, filter,
scope, attrs, _boundDN, cons );
cacheValue = (Vector)_cache.getEntry(key);
if ( cacheValue != null ) {
return new LDAPSearchResults(
cacheValue, this, cons, base, scope,
filter, attrs, attrsOnly );
}
}
} catch ( LDAPException e ) {
isKeyValid = false;
printDebug("Exception: "+e);
}
internalBind( cons );
LDAPSearchQueue myListener = getSearchListener( cons );
int deref = cons.getDereference();
JDAPSearchRequest request = null;
try {
request = new JDAPSearchRequest( base, scope, deref,
cons.getMaxResults(),
cons.getServerTimeLimit(),
attrsOnly, filter, attrs );
} catch ( IllegalArgumentException e ) {
throw new LDAPException(e.getMessage(), LDAPException.PARAM_ERROR);
}
// if using cache, then we need to set the key of the search listener
if ( (_cache != null) && isKeyValid ) {
myListener.setKey( key );
}
try {
sendRequest( request, myListener, cons );
}
catch ( LDAPException e ) {
releaseSearchListener( myListener );
throw e;
}
/* Is this a persistent search? */
boolean isPersistentSearch = false;
LDAPControl[] controls =
(LDAPControl[])getOption( SERVERCONTROLS, cons );
for ( int i = 0; (controls != null) && (i < controls.length); i++ ) {
if ( controls[i] instanceof
org.ietf.ldap.controls.LDAPPersistSearchControl ) {
isPersistentSearch = true;
break;
}
}
/* For a persistent search, don't wait for a first result, because
there may be none at this time if changesOnly was specified in
the control.
*/
if ( isPersistentSearch ) {
returnValue.associatePersistentSearch (myListener);
} else if ( cons.getBatchSize() == 0 ) {
/* Synchronous search if all requested at once */
try {
/* Block until all results are in */
LDAPMessage response = myListener.completeRequest();
Iterator results = myListener.getAllMessages().iterator();
checkSearchMsg(returnValue, response, cons, base, scope,
filter, attrs, attrsOnly);
while ( results.hasNext() ) {
LDAPMessage msg = (LDAPMessage)results.next();
checkSearchMsg( returnValue, msg, cons, base, scope,
filter, attrs, attrsOnly );
}
} finally {
releaseSearchListener( myListener );
}
} else {
/*
* Asynchronous to retrieve one at a time, check to make sure
* the search didn't fail
*/
LDAPMessage firstResult = myListener.getResponse();
if ( firstResult instanceof LDAPResponse ) {
try {
checkSearchMsg( returnValue, firstResult, cons, base,
scope, filter, attrs, attrsOnly );
} finally {
releaseSearchListener( myListener );
}
} else {
try {
checkSearchMsg( returnValue, firstResult, cons, base,
scope, filter, attrs, attrsOnly );
} catch ( LDAPException ex ) {
releaseSearchListener( myListener );
throw ex;
}
/* we let this listener get garbage collected.. */
returnValue.associate( myListener );
}
}
return returnValue;
}
/**
* Performs the search specified by the criteria that you enter.
* To abandon the search, use the
*
*
*
*
* @param filter search filter specifying the search criteria
* @param attrs list of attributes that you want returned in the
* search results
* @param typesOnly if true, returns the names but not the values of the
* attributes found. If false, returns the names and values for
* attributes found
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPSearchQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPConnection#abandon(org.ietf.ldap.LDAPSearchQueue)
*/
public LDAPSearchQueue search( String base,
int scope,
String filter,
String attrs[],
boolean typesOnly,
LDAPSearchQueue listener )
throws LDAPException {
return search( base, scope, filter, attrs, typesOnly,
listener, _defaultConstraints );
}
/**
* Performs the search specified by the criteria that you enter.
* This method also allows you to specify constraints for the search
* (such as the maximum number of entries to find or the
* maximum time to wait for search results).
* To abandon the search, use the
*
*
*
*
* @param filter search filter specifying the search criteria
* @param attrs list of attributes that you want returned in the search
* results
* @param typesOnly if true, returns the names but not the values of the
* attributes found. If false, returns the names and values for
* attributes found.
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons constraints specific to this search (for example, the
* maximum number of entries to return)
* @return LDAPSearchQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPConnection#abandon(org.ietf.ldap.LDAPSearchQueue)
*/
public LDAPSearchQueue search( String base,
int scope,
String filter,
String attrs[],
boolean typesOnly,
LDAPSearchQueue listener,
LDAPSearchConstraints cons )
throws LDAPException {
if ( cons == null ) {
cons = _defaultConstraints;
}
internalBind( cons );
if ( listener == null ) {
listener = new LDAPSearchQueue( /*asynchOp=*/true, cons );
}
JDAPSearchRequest request = null;
try {
request = new JDAPSearchRequest( base, scope,
cons.getDereference(),
cons.getMaxResults(),
cons.getServerTimeLimit(),
typesOnly, filter, attrs );
}
catch ( IllegalArgumentException e ) {
throw new LDAPException( e.getMessage(),
LDAPException.PARAM_ERROR );
}
sendRequest( request, listener, cons );
return listener;
}
/**
* Sets the specified
*
* @param cache the Effectively, selects the connection setup policy when a list of hosts is passed
* to the You must set the
*
* @param name name of the property to set
* @param val value to set
* @exception LDAPException Unable to set the value of the specified
* property.
*/
public void setProperty( String name, Object val ) throws LDAPException {
if ( name.equalsIgnoreCase( SCHEMA_BUG_PROPERTY ) ) {
_properties.put( SCHEMA_BUG_PROPERTY, val );
} else if ( name.equalsIgnoreCase( SASL_PACKAGE_PROPERTY ) ) {
_properties.put( SASL_PACKAGE_PROPERTY, val );
} else if ( name.equalsIgnoreCase( "debug" ) ) {
debug = ((String)val).equalsIgnoreCase( "true" );
} else if ( name.equalsIgnoreCase( TRACE_PROPERTY ) ) {
Object traceOutput = null;
if (val == null) {
_properties.remove(TRACE_PROPERTY);
} else {
if ( _thread != null ) {
traceOutput = createTraceOutput( val );
}
_properties.put( TRACE_PROPERTY, val );
}
if ( _thread != null ) {
_thread.setTraceOutput( traceOutput );
}
// This is used only by the ldapjdk test cases to simulate a
// server problem and to test fail-over and rebind
} else if ( name.equalsIgnoreCase( "breakConnection" ) ) {
_connMgr.breakConnection();
} else {
throw new LDAPException( "Unknown property: " + name );
}
}
/**
* Set the default constraint set for all search operations.
* @param cons
*
* @param factory the object representing the socket factory that
* you want to use to establish a connection to a server
* @see org.ietf.ldap.LDAPSocketFactory
* @see org.ietf.ldap.LDAPSSLSocketFactory
* @see org.ietf.ldap.LDAPConnection#getSocketFactory
*/
public void setSocketFactory( LDAPSocketFactory factory ) {
_factory = factory;
}
/**
* Begin using the Transport Layer Security (TLS) protocol for session
* privacy [TLS][LDAPTLS]. If the socket factory of the connection is
* not capable of initiating a TLS session, an LDAPException is thrown
* with the error code TLS_NOT_SUPPORTED. If the server does not support
* the transition to a TLS session, an LDAPException is thrown with the
* error code returned by the server. If there are outstanding LDAP
* operations on the connection, an LDAPException is thrown.
*/
public void startTLS() throws LDAPException {
}
/**
* Stop using the Transport Layer Security (TLS) protocol for session
* privacy [LDAPTLS]. If the server does not support the termination of
* a TLS session, an LDAPException is thrown with the error code
* returned by the server. If there are outstanding LDAP operations on
* the connection, an LDAPException is thrown.
*/
public void stopTLS() throws LDAPException {
}
/**
* Returns the value of the specified option for this
*
*
* These options represent the constraints for the current connection.
* To get all constraints for the current connection, call the
*
*
* By default, the constraints apply to all operations performed
* through the current connection. You can change these constraints:
*
*
*
*
*
*
*
*
* For example, the following section of code gets and prints the
* maximum number of search results that are returned for searches
* performed through this connection. (This applies to all searches
* unless a different set of search constraints is specified in an
*
*
* By default, the value of this option is 2. By default, the value of this option is
* By default, the value of this option is 1000. By default, the value of this option is 0. By default, the value of this option is By default, the value of this option is By default, the value of this option is By default, the value of this option is 10. By default, the value of this option is 1. By default, the value of this option is 100. The value 0 means there
* is no limit.
* @return the value for the option wrapped in an object. (You
* need to cast the returned value as its appropriate type. For
* example, when getting the SIZELIMIT option, cast the returned
* value as an
*
* These options represent the constraints for the current
* connection.
* To get all constraints for the current connection, call the
*
*
* By default, the option that you set applies to all subsequent
* operations performed through the current connection. If you want to
* set a constraint only for a particular operation, create an
*
*
* For example, the following section of code changes the constraint for
* the maximum number of search results that are returned for searches
* performed through this connection. (This applies to all searches
* unless a different set of search constraints is specified in an
*
*
* By default, the value of this option is 2. If you want
* to use LDAP v3 features (such as extended operations or
* controls), you need to set this value to 3. By default, the value of this option is
* By default, the value of this option is 1000. By default, the value of this option is 0. By default, the value of this option is By default, the value of this option is By default, the value of this option is By default, the value of this option is 10. By default, the value of this option is 1. By default, the value of this option is 100. The value 0 means there
* is no limit.
* @param value the value to assign to the option. The value must be
* the java.lang object wrapper for the appropriate parameter
* (e.g. boolean->Boolean,
* integer->Integer)
* @exception LDAPException Failed to set the specified option.
* @see org.ietf.ldap.LDAPAuthHandler
* @see org.ietf.ldap.LDAPConstraints
* @see org.ietf.ldap.LDAPSearchConstraints
* @see org.ietf.ldap.LDAPReferralException
* @see org.ietf.ldap.LDAPControl
* @see org.ietf.ldap.LDAPConnection#getSearchConstraints
* @see org.ietf.ldap.LDAPConnection#search(java.lang.String, int, java.lang.String, java.lang.String[], boolean, org.ietf.ldap.LDAPSearchConstraints)
*/
public void setOption( int option, Object value ) throws LDAPException {
if (option == LDAPConnection.PROTOCOL_VERSION) {
setProtocolVersion(((Integer)value).intValue());
return;
}
setOption(option, value, _defaultConstraints);
}
private static void setOption( int option,
Object value,
LDAPSearchConstraints cons )
throws LDAPException {
try {
switch (option) {
case LDAPConnection.DEREF:
cons.setDereference(((Integer)value).intValue());
return;
case LDAPConnection.SIZELIMIT:
cons.setMaxResults(((Integer)value).intValue());
return;
case LDAPConnection.TIMELIMIT:
cons.setTimeLimit(((Integer)value).intValue());
return;
case LDAPConnection.SERVER_TIMELIMIT:
cons.setServerTimeLimit(((Integer)value).intValue());
return;
case LDAPConnection.REFERRALS:
cons.setReferralFollowing(((Boolean)value).booleanValue());
return;
case LDAPConnection.REFERRALS_REBIND_PROC:
cons.setReferralHandler((LDAPReferralHandler)value);
return;
case LDAPConnection.REFERRALS_HOP_LIMIT:
cons.setHopLimit(((Integer)value).intValue());
return;
case LDAPConnection.BATCHSIZE:
cons.setBatchSize(((Integer)value).intValue());
return;
case LDAPConnection.SERVERCONTROLS:
if ( value == null )
cons.setControls( (LDAPControl[]) null );
else if ( value instanceof LDAPControl )
cons.setControls( (LDAPControl) value );
else if ( value instanceof LDAPControl[] )
cons.setControls( (LDAPControl[])value );
else
throw new LDAPException ( "invalid LDAPControl",
LDAPException.PARAM_ERROR );
return;
case MAXBACKLOG:
cons.setMaxBacklog( ((Integer)value).intValue() );
return;
default:
throw new LDAPException ( "invalid option",
LDAPException.PARAM_ERROR );
}
} catch ( ClassCastException cc ) {
throw new LDAPException ( "invalid option value",
LDAPException.PARAM_ERROR );
}
}
/**
* Send a request to the server
*/
void sendRequest( JDAPProtocolOp oper, LDAPMessageQueue myListener,
LDAPConstraints cons ) throws LDAPException {
// retry three times if we get a nullPointer exception.
// Don't remove this. The following situation might happen:
// Before sendRequest gets invoked, it is possible that the
// LDAPConnThread encountered a network error and called
// deregisterConnection which set the thread reference to null.
boolean requestSent = false;
for ( int i = 0; !requestSent && (i < 3); i++ ) {
try {
_thread.sendRequest( this, oper, myListener, cons );
requestSent = true;
} catch( NullPointerException ne ) {
// do nothing
} catch (IllegalArgumentException e) {
throw new LDAPException(e.getMessage(),
LDAPException.PARAM_ERROR);
}
}
if ( !isConnected() ) {
throw new LDAPException( "The connection is not available",
LDAPException.OTHER );
}
if ( !requestSent ) {
throw new LDAPException( "Failed to send request",
LDAPException.OTHER );
}
}
/**
* Internal routine. Binds to the LDAP server.
* This method is used by the "smart failover" feature. If a server
* or network error has occurred, an attempt is made to automatically
* restore the connection on the next ldap operation request
* @exception LDAPException failed to bind or the user has disconncted
*/
private void internalBind( LDAPConstraints cons ) throws LDAPException {
// If the user has invoked disconnect() no attempt is made
// to restore the connection
if ( (_connMgr != null) && _connMgr.isUserDisconnected() ) {
throw new LDAPException( "not connected", LDAPException.OTHER );
}
if ( _saslBinder != null ) {
if ( !isConnected() ) {
connect();
}
_saslBinder.bind( this, false );
_authMethod = "sasl";
} else {
//Rebind using _rebindConstraints
if ( _rebindConstraints == null ) {
_rebindConstraints = _defaultConstraints;
}
internalBind ( _protocolVersion, false, _rebindConstraints );
}
}
void checkSearchMsg( LDAPSearchResults value, LDAPMessage msg,
LDAPSearchConstraints cons, String dn,
int scope, String filter,
String attrs[], boolean attrsOnly)
throws LDAPException {
value.setMsgID( msg.getMessageID() );
try {
checkMsg( msg );
// not the JDAPResult
if ( msg.getProtocolOp().getType() !=
JDAPProtocolOp.SEARCH_RESULT ) {
value.add( msg );
}
} catch ( LDAPReferralException e ) {
Vector res = new Vector();
try {
performReferrals( e, cons, JDAPProtocolOp.SEARCH_REQUEST, dn,
scope, filter, attrs, attrsOnly, null, null,
null, res );
}
catch ( LDAPException ex ) {
if ( msg.getProtocolOp() instanceof
JDAPSearchResultReference ) {
/*
Don't want to miss all remaining results, so continue.
This is very ugly (using println). We should have a
configurable parameter (probably in LDAPSearchConstraints)
whether to ignore failed search references or throw an
exception.
*/
System.err.println( "LDAPConnection.checkSearchMsg: " +
"ignoring bad referral" );
return;
}
throw ex;
}
// The size of the vector can be more than 1 because it is possible
// to visit more than one referral url to retrieve the entries
for ( int i = 0; i < res.size(); i++ ) {
value.addReferralEntries( (LDAPSearchResults)res.elementAt(i) );
}
res = null;
} catch ( LDAPException e ) {
if ( (e.getResultCode() == LDAPException.ADMIN_LIMIT_EXCEEDED) ||
(e.getResultCode() == LDAPException.TIME_LIMIT_EXCEEDED) ||
(e.getResultCode() == LDAPException.SIZE_LIMIT_EXCEEDED) ) {
value.add(e);
} else {
throw e;
}
}
}
/**
* Internal routine. Binds to the LDAP server.
* @param version protocol version to request from server
* @param rebind true if the bind/authenticate operation is requested,
* false if the method is invoked by the "smart failover" feature
* @exception LDAPException failed to bind
*/
private void internalBind( int version, boolean rebind,
LDAPConstraints cons ) throws LDAPException {
_saslBinder = null;
if ( !isConnected() ) {
_bound = false;
_authMethod = "none";
connect();
// special case: the connection currently is not bound, and now
// there is a bind request. The connection needs to reconnect if
// the thread has more than one LDAPConnection.
} else if ( !_bound && rebind && (_thread.getClientCount() > 1) ) {
disconnect();
connect();
}
// if the connection is still intact and no rebind request
if ( _bound && !rebind ) {
return;
}
// if the connection was lost and did not have any kind of bind
// operation and the current one does not request any bind operation (ie,
// no authenticate has been called)
if ( !_anonymousBound &&
((_boundDN == null) || (_boundPasswd == null)) &&
!rebind ) {
return;
}
if ( _bound && rebind ) {
if ( _protocolVersion == version ) {
if ( _anonymousBound &&
((_boundDN == null) || (_boundPasswd == null)) ) {
return;
}
if ( !_anonymousBound &&
(_boundDN != null) &&
(_boundPasswd != null) &&
_boundDN.equals(_prevBoundDN) &&
equalsBytes(_boundPasswd, _prevBoundPasswd) ) {
return;
}
}
// if we got this far, we need to rebind since previous and
// current credentials are not the same.
// if the current connection is the only connection of the thread,
// then reuse this current connection. otherwise, disconnect the
// current one (ie, detach from the current thread) and reconnect
// again (ie, get a new thread).
if ( _thread.getClientCount() > 1 ) {
disconnect();
connect();
}
}
_protocolVersion = version;
LDAPResponseQueue myListener = getResponseListener();
try {
if ( (_referralConnection != null) &&
_referralConnection.isConnected() ) {
_referralConnection.disconnect();
}
_referralConnection = null;
_bound = false;
sendRequest( new JDAPBindRequest( _protocolVersion, _boundDN,
_boundPasswd),
myListener, cons );
checkMsg( myListener.getResponse() );
markConnAsBound();
_rebindConstraints = (LDAPConstraints)cons.clone();
_authMethod = "simple";
} catch (LDAPReferralException e) {
_referralConnection = createReferralConnection( e, cons );
} finally {
releaseResponseListener( myListener );
}
}
private static boolean equalsBytes( byte[] b1, byte[] b2 ) {
if ( b1 == null ) {
return ( b2 == null );
} else if ( b2 == null ) {
return true;
}
if ( b1.length != b2.length ) {
return false;
}
for( int i = 0; i < b1.length; i++ ) {
if ( b1[i] != b2[1] ) {
return false;
}
}
return true;
}
/**
* Mark this connection as bound in the thread connection table
*/
void markConnAsBound() {
synchronized (_threadConnTable) {
if (_threadConnTable.containsKey(_thread)) {
Vector v = (Vector)_threadConnTable.get(_thread);
for (int i=0, n=v.size(); i
* For example:
*
* getResponseControls method from the LDAPSearchResults
* object returned with the result.
* @return an array of the controls returned by an operation, or
* null if none.
* @see org.ietf.ldap.LDAPControl
* @see org.ietf.ldap.LDAPSearchResults#getResponseControls
*/
public LDAPControl[] getResponseControls() {
LDAPControl[] controls = null;
/* Get the latest controls returned for our thread */
synchronized(_responseControlTable) {
Vector responses = (Vector)_responseControlTable.get(_thread);
if (responses != null) {
// iterate through each response control
for (int i=0,size=responses.size(); igetOption method.
* getSearchConstraints method
* to create a slightly different set of search constraints
* to apply to a particular search.
*
* ...
* LDAPSearchConstraints myOptions = ld.getSearchConstraints();
* myOptions.setMaxResults( 10 );
* String[] myAttrs = { "objectclass" };
* LDAPSearchResults myResults = ld.search( "o=Ace Industry,c=US",
* LDAPConnection.SCOPE_SUB,
* "(objectclass=*)",
* myAttrs,
* false,
* myOptions );
* ...
*
*
* @return a copy of the LDAPSearchConstraints object
* representing the set of search constraints that apply (by default) to
* all searches performed through this connection.
* @see org.ietf.ldap.LDAPSearchConstraints
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#search(java.lang.String, int, java.lang.String, java.lang.String[], boolean, org.ietf.ldap.LDAPSearchConstraints)
*/
public LDAPSearchConstraints getSearchConstraints () {
return (LDAPSearchConstraints)_defaultConstraints.clone();
}
/**
* Gets the object representing the socket factory used to establish
* a connection to the LDAP server.
* false initially, false upon a bind
* request, and true after successful completion of the last
* outstanding non-anonymous simple bind
*/
public boolean isBound() {
if (_bound) {
if ((_boundDN == null) || _boundDN.equals("") ||
(_boundPasswd == null) || (_boundPasswd.length < 1)) {
return false;
}
}
return _bound;
}
/**
* Indicates if the connection represented by this object
* is open at this time
*
* @return true if connected to an LDAP server over this
* connection.
* If not connected to an LDAP server, returns false.
*/
public boolean isConnected() {
// This is the hack: If the user program calls isConnected() when
// the thread is about to shut down, the isConnected might get called
// before the deregisterConnection(). We add the yield() so that
// the deregisterConnection() will get called first.
// This problem only exists on Solaris.
Thread.yield();
return (_thread != null);
}
/**
* Indicates if the connection is currently protected by TLS
*
* @return true if the connection is currently protected
* by TLS; if not connected to an LDAP server, returns false.
*/
public boolean isTLS() {
return false;
}
/**
* Makes a single change to an existing entry in the directory
* (for example, changes the value of an attribute, adds a new
* attribute value, or removes an existing attribute value). LDAPModification object to specify the change
* to make and the LDAPAttribute object
* to specify the attribute value to change. The
* LDAPModification object allows you add an attribute
* value, change an attibute value, or remove an attribute
* value.
* ...
* String myEntryDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
*
* LDAPAttribute attrEmail = new LDAPAttribute( "mail", "babs@aceindustry.com" );
* LDAPModification singleChange = new LDAPModification( LDAPModification.REPLACE, attrEmail );
*
* myConn.modify( myEntryDN, singleChange );
* ...
*
* @param DN the distinguished name of the entry to modify
* @param mod a single change to make to the entry
* @exception LDAPException Failed to make the specified change to the
* directory entry.
* @see org.ietf.ldap.LDAPModification
*/
public void modify( String DN, LDAPModification mod ) throws LDAPException {
modify( DN, mod, _defaultConstraints );
}
/**
* Makes a single change to an existing entry in the directory and
* allows you to specify preferences for this LDAP modify operation
* by using an LDAPConstraints object. For
* example, you can specify whether or not to follow referrals.
* You can also apply LDAP v3 controls to the operation.
* LDAPModification objects to specify the
* changes to make. Each change must be specified by
* an LDAPModification object, and you must specify each
* attribute value to modify, add, or remove by an LDAPAttribute
* object. LDAPConstraints object. For
* example, you can specify whether or not to follow referrals.
* You can also apply LDAP v3 controls to the operation.
*
* The LDAPModification object specifies both the change to make and
* the LDAPAttribute value to be changed.
*
* @param dn distinguished name of the entry to modify
* @param mod a single change to make to an entry
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPModification
* @see org.ietf.ldap.LDAPResponseQueue
*/
public LDAPResponseQueue modify( String dn,
LDAPModification mod,
LDAPResponseQueue listener )
throws LDAPException{
return modify( dn, mod, listener, _defaultConstraints );
}
/**
* Makes a single change to an existing entry in the directory. For
* example, it changes the value of an attribute, adds a new attribute
* value, or removes an existing attribute value).
* The LDAPModification object specifies both the change to make and
* the LDAPAttribute value to be changed.
*
* @param dn distinguished name of the entry to modify
* @param mod a single change to make to an entry
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons constraints specific to the operation
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPModification
* @see org.ietf.ldap.LDAPResponseQueue
* @see org.ietf.ldap.LDAPConstraints
*/
public LDAPResponseQueue modify( String dn,
LDAPModification mod,
LDAPResponseQueue listener,
LDAPConstraints cons )
throws LDAPException{
if (cons == null) {
cons = _defaultConstraints;
}
internalBind (cons);
if (listener == null) {
listener = new LDAPResponseQueue(/*asynchOp=*/true);
}
LDAPModification[] modList = { mod };
sendRequest (new JDAPModifyRequest (dn, modList), listener, cons);
return listener;
}
/**
* Reads the entry for the specified distiguished name (DN) and retrieves
* all attributes for the entry.
*
* String findDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* LDAPEntry foundEntry = null;
* try {
* foundEntry = myConn.read( findDN );
* } catch ( LDAPException e ) {
* switch( e.getResultCode() ) {
* case e.NO_SUCH_OBJECT:
* System.out.println( "The specified entry does not exist." );
* break;
* case e.LDAP_PARTIAL_RESULTS:
* System.out.println( "Entry served by a different LDAP server." );
* break;
* case e.INSUFFICIENT_ACCESS_RIGHTS:
* System.out.println( "You do not have the access rights to perform this operation." );
* break;
* default:
* System.out.println( "Error number: " + e.getResultCode() );
* System.out.println( "Could not read the specified entry." );
* break;
* }
* return;
* }
* System.out.println( "Found the specified entry." );
*
*
* @param DN distinguished name of the entry to retrieve
* @exception LDAPException Failed to find or read the specified entry
* from the directory.
* @return LDAPEntry returns the specified entry or raises an exception
* if the entry is not found.
*/
public LDAPEntry read( String DN ) throws LDAPException {
return read( DN, null, _defaultConstraints );
}
/**
* Reads the entry for the specified distiguished name (DN) and retrieves all
* attributes for the entry. This method allows the user to specify the
* preferences for the read operation.
*
* String findDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* LDAPEntry foundEntry = null;
* try {
* foundEntry = myConn.read( findDN );
* } catch ( LDAPException e ) {
* switch( e.getResultCode() ) {
* case e.NO_SUCH_OBJECT:
* System.out.println( "The specified entry does not exist." );
* break;
* case e.LDAP_PARTIAL_RESULTS:
* System.out.println( "Entry served by a different LDAP server." );
* break;
* case e.INSUFFICIENT_ACCESS_RIGHTS:
* System.out.println( "You do not have the access rights to perform this operation." );
* break;
* default:
* System.out.println( "Error number: " + e.getResultCode() );
* System.out.println( "Could not read the specified entry." );
* break;
* }
* return;
* }
* System.out.println( "Found the specified entry." );
*
*
* @param DN distinguished name of the entry to retrieve
* @param cons preferences for the read operation
* @exception LDAPException Failed to find or read the specified entry
* from the directory.
* @return LDAPEntry returns the specified entry or raises an exception
* if the entry is not found.
*/
public LDAPEntry read( String DN, LDAPSearchConstraints cons )
throws LDAPException {
return read( DN, null, cons );
}
/**
* Reads the entry for the specified distinguished name (DN) and
* retrieves only the specified attributes from the entry.
* cn and
* sn attributes.
* The example prints out all attributes that have been retrieved
* (the two specified attributes).
*
* String findDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* LDAPEntry foundEntry = null;
* String getAttrs[] = { "cn", "sn" };
* try {
* foundEntry = myConn.read( findDN, getAttrs );
* } catch ( LDAPException e ) {
* switch( e.getResultCode() ) {
* case e.NO_SUCH_OBJECT:
* System.out.println( "The specified entry does not exist." );
* break;
* case e.LDAP_PARTIAL_RESULTS:
* System.out.println( "Entry served by a different LDAP server." );
* break;
* case e.INSUFFICIENT_ACCESS_RIGHTS:
* System.out.println( "You do not have the access " +
* "rights to perform this operation." );
* break;
* default:
* System.out.println( "Error number: " + e.getResultCode() );
* System.out.println( "Could not read the specified entry." );
* break;
* }
* return;
* }
*
* LDAPAttributeSet foundAttrs = foundEntry.getAttributeSet();
* int size = foundAttrs.size();
* Iterator enumAttrs = foundAttrs.iterator();
* System.out.println( "Attributes: " );
*
* while ( enumAttrs.hasMore() ) {
* LDAPAttribute anAttr = ( LDAPAttribute )enumAttrs.next();
* String attrName = anAttr.getName();
* System.out.println( "\t" + attrName );
* Enumeration enumVals = anAttr.getStringValues();
* while ( enumVals.hasMoreElements() ) {
* String aVal = ( String )enumVals.nextElement();
* System.out.println( "\t\t" + aVal );
* }
* }
*
*
* @param DN distinguished name of the entry to retrieve
* @param attrs names of attributes to retrieve
* @return LDAPEntry returns the specified entry (or raises an
* exception if the entry is not found).
* @exception LDAPException Failed to read the specified entry from
* the directory.
*/
public LDAPEntry read( String DN, String attrs[] ) throws LDAPException {
return read( DN, attrs, _defaultConstraints );
}
/**
* Reads the entry for the specified distinguished name (DN) and
* retrieves only the specified attributes from the entry.
* cn and
* sn attributes.
* The example prints out all attributes that have been retrieved
* (the two specified attributes).
*
* String findDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* LDAPEntry foundEntry = null;
* String getAttrs[] = { "cn", "sn" };
* try {
* foundEntry = myConn.read( findDN, getAttrs );
* } catch ( LDAPException e ) {
* switch( e.getResultCode() ) {
* case e.NO_SUCH_OBJECT:
* System.out.println( "The specified entry does not exist." );
* break;
* case e.LDAP_PARTIAL_RESULTS:
* System.out.println( "Entry served by a different LDAP server." );
* break;
* case e.INSUFFICIENT_ACCESS_RIGHTS:
* System.out.println( "You do not have the access " +
* "rights to perform this operation." );
* break;
* default:
* System.out.println( "Error number: " + e.getResultCode() );
* System.out.println( "Could not read the specified entry." );
* break;
* }
* return;
* }
*
* LDAPAttributeSet foundAttrs = foundEntry.getAttributeSet();
* int size = foundAttrs.size();
* Iterator enumAttrs = foundAttrs.iterator();
* System.out.println( "Attributes: " );
*
* while ( enumAttrs.hasMore() ) {
* LDAPAttribute anAttr = ( LDAPAttribute )enumAttrs.next();
* String attrName = anAttr.getName();
* System.out.println( "\t" + attrName );
* Enumeration enumVals = anAttr.getStringValues();
* while ( enumVals.hasMoreElements() ) {
* String aVal = ( String )enumVals.nextElement();
* System.out.println( "\t\t" + aVal );
* }
* }
*
*
* @param DN distinguished name of the entry to retrieve
* @param attrs names of attributes to retrieve
* @param cons preferences for the read operation
* @return LDAPEntry returns the specified entry (or raises an
* exception if the entry is not found).
* @exception LDAPException Failed to read the specified entry from
* the directory.
*/
public LDAPEntry read( String DN, String attrs[],
LDAPSearchConstraints cons ) throws LDAPException {
LDAPSearchResults results =
search (DN, SCOPE_BASE,
"(|(objectclass=*)(objectclass=ldapsubentry))",
attrs, false, cons);
if ( results == null ) {
return null;
}
LDAPEntry entry = results.next();
// cleanup required for referral connections
while( results.hasMore() ) {
results.next();
}
return entry;
}
/**
* Reads the entry specified by the LDAP URL. search( LDAPUrl ) method instead.)
* String flatURL = "ldap://alway.mcom.com:3890/cn=Barbara Jenson,ou=Product Development,o=Ace Industry,c=US?cn,sn,mail";
* LDAPUrl myURL;
* try {
* myURL = new LDAPUrl( flatURL );
* } catch ( java.net.MalformedURLException e ) {
* System.out.println( "BAD URL!!! BAD, BAD, BAD URL!!!" );
* return;
* }
* LDAPEntry myEntry = null;
* try {
* myEntry = myConn.read( myURL );
* } catch ( LDAPException e ) {
* int errCode = e.getResultCode();
* switch( errCode ) {
* case ( e.NO_SUCH_OBJECT ):
* System.out.println( "The specified entry " + myDN +
* " does not exist in the directory." );
* return;
* default:
* System.out.println( "An internal error occurred." );
* return;
* }
* }
*
*
* @param toGet LDAP URL specifying the entry to read
* @return LDAPEntry returns the entry specified by the URL (or raises
* an exception if the entry is not found).
* @exception LDAPException Failed to read the specified entry from
* the directory.
* @see org.ietf.ldap.LDAPUrl
* @see org.ietf.ldap.LDAPConnection#search(org.ietf.ldap.LDAPUrl)
*/
public static LDAPEntry read( LDAPUrl toGet ) throws LDAPException {
return read( toGet, null );
}
/**
* Reads the entry specified by the LDAP URL. search( LDAPUrl ) method instead.)
* String flatURL = "ldap://alway.mcom.com:3890/cn=Barbara Jenson,ou=Product Development,o=Ace Industry,c=US?cn,sn,mail";
* LDAPUrl myURL;
* try {
* myURL = new LDAPUrl( flatURL );
* } catch ( java.net.MalformedURLException e ) {
* System.out.println( "BAD URL!!! BAD, BAD, BAD URL!!!" );
* return;
* }
* LDAPEntry myEntry = null;
* try {
* myEntry = myConn.read( myURL );
* } catch ( LDAPException e ) {
* int errCode = e.getResultCode();
* switch( errCode ) {
* case ( e.NO_SUCH_OBJECT ):
* System.out.println( "The specified entry " + myDN +
* " does not exist in the directory." );
* return;
* default:
* System.out.println( "An internal error occurred." );
* return;
* }
* }
*
*
* @param toGet LDAP URL specifying the entry to read
* @param cons preferences for the read operation
* @return LDAPEntry returns the entry specified by the URL (or raises
* an exception if the entry is not found).
* @exception LDAPException Failed to read the specified entry from
* the directory.
* @see org.ietf.ldap.LDAPUrl
* @see org.ietf.ldap.LDAPConnection#search(org.ietf.ldap.LDAPUrl)
*/
public static LDAPEntry read( LDAPUrl toGet,
LDAPSearchConstraints cons )
throws LDAPException {
if (cons == null) {
cons = new LDAPSearchConstraints();
}
String host = toGet.getHost ();
int port = toGet.getPort();
if (host == null) {
throw new LDAPException ( "no host for connection",
LDAPException.PARAM_ERROR );
}
String[] attributes = toGet.getAttributeArray ();
String DN = toGet.getDN();
LDAPEntry returnValue;
LDAPConnection connection = new LDAPConnection ();
if (toGet.isSecure()) {
LDAPSocketFactory factory = toGet.getSocketFactory();
if (factory == null) {
throw new LDAPException("No socket factory for LDAPUrl",
LDAPException.OTHER);
}
connection.setSocketFactory(factory);
}
connection.connect (host, port);
returnValue = connection.read (DN, attributes, cons);
connection.disconnect ();
return returnValue;
}
/**
* Disconnect from the server and then reconnect using the current
* credentials and authentication method
* @exception LDAPException if not previously connected, or if
* there is a failure on disconnecting or on connecting
*/
public void reconnect() throws LDAPException {
disconnect();
connect();
if (_saslBinder != null) {
_saslBinder.bind(this, true);
_authMethod = "sasl";
} else {
internalBind (_protocolVersion, true, _defaultConstraints);
}
}
/**
* Deregisters an object so that it will no longer be notified on
* arrival of an unsolicited message from a server. If the object is
* null or was not previously registered for unsolicited notifications,
* the method does nothing.
*/
public void removeUnsolicitedNotificationListener(
LDAPUnsolicitedNotificationListener listener ) {
}
/**
* Renames an existing entry in the directory.
* cn=Barbara
* cn=Babs
*
* The following example renames an entry. The old name of the entry
* is kept as a value in the entry.
* ...
* String myEntryDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* String newRDN = "cn=Babs Jensen";
* myConn.rename( myEntryDN, newRDN, false );
* ...
*
* @param DN current distinguished name of the entry
* @param newRDN new relative distinguished name for the entry (for example,
* "cn=newName")
* @param deleteOldRDN if true, the old name is not retained
* as an attribute value (for example, the attribute value "cn=oldName" is
* removed). If false, the old name is retained
* as an attribute value (for example, the entry might now have two values
* for the cn attribute: "cn=oldName" and "cn=newName").
* @exception LDAPException Failed to rename the specified entry.
*/
public void rename( String DN, String newRDN, boolean deleteOldRDN )
throws LDAPException {
rename( DN, newRDN, null, deleteOldRDN );
}
/**
* Renames an existing entry in the directory.
* cn=Barbara
* cn=Babs
*
* The following example renames an entry. The old name of the entry
* is kept as a value in the entry.
* ...
* String myEntryDN = "cn=Barbara Jensen,ou=Product Development,o=Ace Industry,c=US";
* String newRDN = "cn=Babs Jensen";
* myConn.rename( myEntryDN, newRDN, false );
* ...
*
* @param DN current distinguished name of the entry
* @param newRDN new relative distinguished name for the entry (for example,
* "cn=newName")
* @param deleteOldRDN if true, the old name is not retained
* as an attribute value (for example, the attribute value "cn=oldName" is
* removed). If false, the old name is retained
* as an attribute value (for example, the entry might now have two values
* for the cn attribute: "cn=oldName" and "cn=newName").
* @param cons the set of preferences to apply to this operation
* @exception LDAPException Failed to rename the specified entry.
*/
public void rename( String DN, String newRDN, boolean deleteOldRDN,
LDAPConstraints cons )
throws LDAPException {
rename( DN, newRDN, null, deleteOldRDN, cons );
}
/**
* Renames an existing entry in the directory and (optionally)
* changes the location of the entry in the directory tree.newParentDN
* argument, an LDAPException will be thrown.
* true, the old name is not retained
* as an attribute value (for example, the attribute value "cn=oldName" is
* removed). If false, the old name is retained
* as an attribute value (for example, the entry might now have two values
* for the cn attribute: "cn=oldName" and "cn=newName").
* @exception LDAPException Failed to rename the specified entry.
*/
public void rename( String DN,
String newRDN,
String newParentDN,
boolean deleteOldRDN ) throws LDAPException {
rename( DN, newRDN, newParentDN, deleteOldRDN, _defaultConstraints );
}
/**
* Renames an existing entry in the directory and (optionally)
* changes the location of the entry in the directory tree. Also
* allows you to specify preferences for this LDAP modify DN operation
* by using an LDAPConstraints object. For
* example, you can specify whether or not to follow referrals.
* You can also apply LDAP v3 controls to the operation.
* newParentDN
* argument, an LDAPException will be thrown.
* true, the old name is not retained
* as an attribute value (for example, the attribute value "cn=oldName" is
* removed). If false, the old name is retained
* as an attribute value (for example, the entry might now have two values
* for the cn attribute: "cn=oldName" and "cn=newName").
* @param cons the set of preferences to apply to this operation
* @exception LDAPException Failed to rename the specified entry.
* @see org.ietf.ldap.LDAPConstraints
*/
public void rename ( String DN,
String newRDN,
String newParentDN,
boolean deleteOldRDN,
LDAPConstraints cons )
throws LDAPException {
internalBind (cons);
LDAPResponseQueue myListener = getResponseListener ();
try {
JDAPModifyRDNRequest request = null;
if ( newParentDN != null ) {
request = new JDAPModifyRDNRequest( DN,
newRDN,
deleteOldRDN,
newParentDN );
} else {
request = new JDAPModifyRDNRequest( DN,
newRDN,
deleteOldRDN );
}
sendRequest (request, myListener, cons);
LDAPMessage response = myListener.getResponse();
checkMsg (response);
} catch (LDAPReferralException e) {
performReferrals(e, cons, JDAPProtocolOp.MODIFY_RDN_REQUEST,
DN, 0, newRDN, null, deleteOldRDN, null, null,
null, null);
} finally {
releaseResponseListener (myListener);
}
}
/**
* Renames an existing entry in the directory.
*
* @param DN current distinguished name of the entry
* @param newRDN new relative distinguished name for the entry
* @param deleteOldRDN if true, the old name is not retained as an
* attribute value
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
*/
public LDAPResponseQueue rename( String DN,
String newRDN,
boolean deleteOldRDN,
LDAPResponseQueue listener )
throws LDAPException{
return rename( DN, newRDN, deleteOldRDN, listener,
_defaultConstraints );
}
/**
* Renames an existing entry in the directory.
*
* @param DN current distinguished name of the entry
* @param newRDN new relative distinguished name for the entry
* @param deleteOldRDN if true, the old name is not retained as an attribute
* value
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @param cons constraints specific to the operation
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
* @see org.ietf.ldap.LDAPConstraints
*/
public LDAPResponseQueue rename( String DN,
String newRDN,
boolean deleteOldRDN,
LDAPResponseQueue listener,
LDAPConstraints cons )
throws LDAPException{
if (cons == null) {
cons = _defaultConstraints;
}
internalBind (cons);
if (listener == null) {
listener = new LDAPResponseQueue(/*asynchOp=*/true);
}
sendRequest (new JDAPModifyRDNRequest (DN, newRDN, deleteOldRDN),
listener, cons);
return listener;
}
/**
* Renames an existing entry in the directory.
*
* @param DN current distinguished name of the entry
* @param newRDN new relative distinguished name for the entry
* @param newParentDN if not null, the distinguished name for the
* entry under which the entry should be moved (for example, to move
* an entry under the Accounting subtree, specify this argument as
* "ou=Accounting, o=Ace Industry, c=US")
* @param deleteOldRDN if true, the old name is not retained as an
* attribute value
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
*/
public LDAPResponseQueue rename( String DN,
String newRDN,
String newParentDN,
boolean deleteOldRDN,
LDAPResponseQueue listener )
throws LDAPException{
return rename( DN, newRDN, newParentDN, deleteOldRDN, listener,
_defaultConstraints );
}
/**
* Renames an existing entry in the directory.
*
* @param DN current distinguished name of the entry
* @param newRDN new relative distinguished name for the entry
* @param newParentDN if not null, the distinguished name for the
* entry under which the entry should be moved (for example, to move
* an entry under the Accounting subtree, specify this argument as
* "ou=Accounting, o=Ace Industry, c=US")
* @param deleteOldRDN if true, the old name is not retained as an
* attribute value
* @param listener handler for messages returned from a server in response
* to this request. If it is null, a listener object is created internally.
* @return LDAPResponseQueue handler for messages returned from a server
* in response to this request.
* @exception LDAPException Failed to send request.
* @see org.ietf.ldap.LDAPResponseQueue
*/
public LDAPResponseQueue rename( String DN,
String newRDN,
String newParentDN,
boolean deleteOldRDN,
LDAPResponseQueue listener,
LDAPConstraints cons )
throws LDAPException{
if (cons == null) {
cons = _defaultConstraints;
}
internalBind (cons);
if (listener == null) {
listener = new LDAPResponseQueue(/*asynchOp=*/true);
}
JDAPModifyRDNRequest request;
if ( newParentDN != null ) {
request = new JDAPModifyRDNRequest( DN,
newRDN,
deleteOldRDN,
newParentDN );
} else {
request = new JDAPModifyRDNRequest( DN,
newRDN,
deleteOldRDN );
}
sendRequest( request, listener, cons );
return listener;
}
/**
* Performs the search specified by the LDAP URL. ou=Product Development,o=Ace Industry,c=US subtree of a
* directory. The example gets and prints the mail attribute for each entry
* found.
* String flatURL = "ldap://alway.mcom.com:3890/ou=Product Development,o=Ace Industry,c=US?mail?sub?objectclass=*";
* LDAPUrl myURL;
* try {
* myURL = new LDAPUrl( flatURL );
* } catch ( java.net.MalformedURLException e ) {
* System.out.println( "Incorrect URL syntax." );
* return;
* }
*
* LDAPSearchResults myResults = null;
* try {
* myResults = myConn.search( myURL );
* } catch ( LDAPException e ) {
* int errCode = e.getResultCode();
* System.out.println( "LDAPException: return code:" + errCode );
* return;
* }
*
* while ( myResults.hasMore() ) {
* LDAPEntry myEntry = myResults.next();
* String nextDN = myEntry.getDN();
* System.out.println( nextDN );
* LDAPAttributeSet entryAttrs = myEntry.getAttributeSet();
* Iterator attrsInSet = entryAttrs.iterator();
* while ( attrsInSet.hasMore() ) {
* LDAPAttribute nextAttr = (LDAPAttribute)attrsInSet.next();
* String attrName = nextAttr.getName();
* System.out.print( "\t" + attrName + ": " );
* Enumeration valsInAttr = nextAttr.getStringValues();
* while ( valsInAttr.hasMoreElements() ) {
* String nextValue = (String)valsInAttr.nextElement();
* System.out.println( nextValue );
* }
* }
* }
*
* abandon method.
*
* @param toGet LDAP URL representing the search to perform
* @return LDAPSearchResults the results of the search as an enumeration.
* @exception LDAPException Failed to complete the search specified by
* the LDAP URL.
* @see org.ietf.ldap.LDAPUrl
* @see org.ietf.ldap.LDAPSearchResults
* @see org.ietf.ldap.LDAPConnection#abandon(org.ietf.ldap.LDAPSearchResults)
*/
public static LDAPSearchResults search( LDAPUrl toGet )
throws LDAPException {
return search( toGet, null );
}
/**
* Performs the search specified by the LDAP URL. This method also
* allows you to specify constraints for the search (such as the
* maximum number of entries to find or the
* maximum time to wait for search results).
* LDAPSearchConstraints mySearchConstraints = myConn.getSearchConstraints();
* mySearchConstraints.setMaxResults( 5 );
* String flatURL = "ldap://alway.mcom.com:3890/ou=Product Development,o=Ace Industry,c=US?mail?sub?objectclass=*";
* LDAPUrl myURL;
* try {
* myURL = new LDAPUrl( flatURL );
* } catch ( java.net.MalformedURLException e ) {
* System.out.println( "Incorrect URL syntax." );
* return;
* }
* LDAPSearchResults myResults = null;
* try {
* myResults = myConn.search( myURL, mySearchConstraints );
* } catch ( LDAPException e ) {
* int errCode = e.getResultCode();
* System.out.println( "LDAPException: return code:" + errCode );
* return;
* }
*
* abandon method.
*
* @param toGet LDAP URL representing the search to run
* @param cons constraints specific to the search
* @return LDAPSearchResults the results of the search as an enumeration.
* @exception LDAPException Failed to complete the search specified
* by the LDAP URL.
* @see org.ietf.ldap.LDAPUrl
* @see org.ietf.ldap.LDAPSearchResults
* @see org.ietf.ldap.LDAPConnection#abandon(org.ietf.ldap.LDAPSearchResults)
*/
public static LDAPSearchResults search( LDAPUrl toGet,
LDAPSearchConstraints cons )
throws LDAPException {
String host = toGet.getHost ();
int port = toGet.getPort();
if (host == null) {
throw new LDAPException ( "no host for connection",
LDAPException.PARAM_ERROR );
}
String[] attributes = toGet.getAttributeArray ();
String DN = toGet.getDN();
String filter = toGet.getFilter();
if (filter == null) {
filter = defaultFilter;
}
int scope = toGet.getScope ();
LDAPConnection connection = new LDAPConnection ();
if (toGet.isSecure()) {
LDAPSocketFactory factory = toGet.getSocketFactory();
if (factory == null) {
throw new LDAPException("No socket factory for LDAPUrl",
LDAPException.OTHER);
}
connection.setSocketFactory(factory);
}
connection.connect (host, port);
LDAPSearchResults results;
if (cons != null) {
results = connection.search (DN, scope, filter, attributes, false, cons);
} else {
results = connection.search (DN, scope, filter, attributes, false);
}
results.closeOnCompletion(connection);
return results;
}
/**
* Performs the search specified by the criteria that you enter. ou=Product Development,o=Ace Industry,c=US subtree of a
* directory. The example gets and prints the mail attribute for each entry
* found.
* String myBaseDN = "ou=Product Development,o=Ace Industry,c=US";
* String myFilter="(objectclass=*)";
* String[] myAttrs = { "mail" };
*
* LDAPSearchResults myResults = null;
* try {
* myResults = myConn.search( myBaseDN, LDAPConnection.SCOPE_SUB, myFilter, myAttrs, false );
* } catch ( LDAPException e ) {
* int errCode = e.getResultCode();
* System.out.println( "LDAPException: return code:" + errCode );
* return;
* }
*
* while ( myResults.hasMore() ) {
* LDAPEntry myEntry = myResults.next();
* String nextDN = myEntry.getDN();
* System.out.println( nextDN );
* LDAPAttributeSet entryAttrs = myEntry.getAttributeSet();
* Iterator attrsInSet = entryAttrs.iterator();
* while ( attrsInSet.hasMore() ) {
* LDAPAttribute nextAttr = (LDAPAttribute)attrsInSet.next();
* String attrName = nextAttr.getName();
* System.out.println( "\t" + attrName + ":" );
* Enumeration valsInAttr = nextAttr.getStringValues();
* while ( valsInAttr.hasMoreElements() ) {
* String nextValue = (String)valsInAttr.nextElement();
* System.out.println( "\t\t" + nextValue );
* }
* }
* }
*
* abandon method.
*
* @param base the base distinguished name from which to search
* @param scope the scope of the entries to search. You can specify one
* of the following:
*
* LDAPConnection.SCOPE_BASE (search only the base DN) LDAPConnection.SCOPE_ONE
* (search only entries under the base DN) LDAPConnection.SCOPE_SUB
* (search the base DN and all entries within its subtree)
* String myBaseDN = "ou=Product Development,o=Ace Industry,c=US";
* String myFilter="(objectclass=*)";
* String[] myAttrs = { "mail" };
* LDAPSearchConstraints mySearchConstraints = myConn.getSearchConstraints();
* mySearchConstraints.setMaxResults( 5 );
*
* LDAPSearchResults myResults = null;
* try {
* myResults = myConn.search( myBaseDN, LDAPConnection.SCOPE_SUB, myFilter, myAttrs, false, mySearchConstraints );
* } catch ( LDAPException e ) {
* int errCode = e.getResultCode();
* System.out.println( "LDAPException: return code:" + errCode );
* return;
* }
*
* abandon method.
*
* @param base the base distinguished name from which to search
* @param scope the scope of the entries to search. You can specify one
* of the following:
*
* LDAPConnection.SCOPE_BASE (search only the base DN) LDAPConnection.SCOPE_ONE
* (search only entries under the base DN) LDAPConnection.SCOPE_SUB
* (search the base DN and all entries within its subtree) abandon method.
*
* @param base the base distinguished name from which to search
* @param scope the scope of the entries to search. You can specify one
* of the following:
*
* LDAPConnection.SCOPE_BASE (search only the base DN) LDAPConnection.SCOPE_ONE
* (search only entries under the base DN) LDAPConnection.SCOPE_SUB
* (search the base DN and all entries within its subtree) abandon method.
*
* @param base the base distinguished name from which to search
* @param scope the scope of the entries to search. You can specify one
* of the following:
*
* LDAPConnection.SCOPE_BASE (search only the base DN) LDAPConnection.SCOPE_ONE
* (search only entries under the base DN) LDAPConnection.SCOPE_SUB
* (search the base DN and all entries within its subtree) LDAPCache object as the
* cache for the LDAPConnection object.
* LDAPCache object representing
* the cache that the current connection should use
* @see org.ietf.ldap.LDAPCache
* @see org.ietf.ldap.LDAPConnection#getCache
*/
public void setCache( LDAPCache cache ) {
if ( _cache != null ) {
_cache.removeReference();
}
if ( cache != null ) {
cache.addReference();
}
_cache = cache;
if ( _thread != null ) {
_thread.setCache( cache );
}
}
/**
* Specifies the maximum time to wait for the connection to be established.
* If the value is 0, the time is not limited.
* @param timeout the maximum connect time in seconds or 0 (unlimited)
*/
public void setConnectTimeout (int timeout) {
if ( timeout < 0 ) {
throw new IllegalArgumentException(
"Timeout value can not be negative" );
}
_connectTimeout = timeout;
if ( _connMgr != null ) {
_connMgr.setConnectTimeout( _connectTimeout );
}
}
/**
* Specifies the delay in seconds when making concurrent connection attempts to
* multiple servers.
* connect method.
*
*
If the serial policy is selected, the default one, an attempt is made to
* connect to the first host in the list. The next entry in
* the list is tried only if the attempt to connect to the current host fails.
* This might cause your application to block for unacceptably long time if a host is down.
*
*
If the parallel policy is selected, multiple connection attempts may run
* concurrently on a separate thread. A new connection attempt to the next entry
* in the list can be started with or without delay.
* ConnSetupDelay before making the call to the
* connect method.
*
* @param delay the delay in seconds between connection attempts. Possible values are:
* NODELAY_SERIAL Use the serial connection setup policy.
* NODELAY_PARALLEL Use the parallel connection setup policy with no delay.
* Start all connection setup threads immediately.
* delay > 0 Use the parallel connection setup policy with delay.
* Start another connection setup thread after delay seconds.
* @see org.ietf.ldap.LDAPConnection#NODELAY_SERIAL
* @see org.ietf.ldap.LDAPConnection#NODELAY_PARALLEL
* @see org.ietf.ldap.LDAPConnection#connect(java.lang.String, int)
*/
public void setConnSetupDelay( int delay ) {
_connSetupDelay = delay;
if ( _connMgr != null ) {
_connMgr.setConnSetupDelay( delay );
}
}
/**
* Set the default constraint set for all operations.
* @param cons LDAPConstraints object to use as the default
* constraint set
* @see org.ietf.ldap.LDAPConnection#getConstraints
* @see org.ietf.ldap.LDAPConstraints
*/
public void setConstraints( LDAPConstraints cons ) {
_defaultConstraints.setHopLimit( cons.getHopLimit() );
_defaultConstraints.setReferralFollowing( cons.getReferralFollowing() );
_defaultConstraints.setTimeLimit( cons.getTimeLimit() );
_defaultConstraints.setReferralHandler( cons.getReferralHandler() );
LDAPControl[] tServerControls = cons.getControls();
LDAPControl[] oServerControls = null;
if ( (tServerControls != null) &&
(tServerControls.length > 0) ) {
oServerControls =
new LDAPControl[tServerControls.length];
for( int i = 0; i < tServerControls.length; i++ ) {
oServerControls[i] = (LDAPControl)tServerControls[i].clone();
}
}
_defaultConstraints.setControls( oServerControls );
if ( cons instanceof LDAPSearchConstraints ) {
LDAPSearchConstraints scons = (LDAPSearchConstraints)cons;
_defaultConstraints.setServerTimeLimit( scons.getServerTimeLimit() );
_defaultConstraints.setDereference( scons.getDereference() );
_defaultConstraints.setMaxResults( scons.getMaxResults() );
_defaultConstraints.setBatchSize( scons.getBatchSize() );
_defaultConstraints.setMaxBacklog( scons.getMaxBacklog() );
}
}
/**
* Sets the stream for reading from the listener socket if
* there is one
*
* @param is the stream for reading from the listener socket
*/
public void setInputStream( InputStream is ) {
if ( _thread != null ) {
_thread.setInputStream( is );
}
}
/**
* Sets the stream for writing to the socket
*
* @param os the stream for writing to the socket, if there is one
*/
public void setOutputStream( OutputStream os ) {
if ( _thread != null ) {
_thread.setOutputStream( os );
}
}
/**
* Sets a global property of the connection.
* The following properties are defined:
* com.org.ietf.ldap.schema.quoting - "standard" or "NetscapeBug"
* Note: if this property is not set, the SDK will query the server
* to determine if attribute syntax values and objectclass superior
* values must be quoted when adding schema.
* com.org.ietf.ldap.saslpackage - the default is "com.netscape.sasl"
* LDAPSearchConstraints object to use as the
* default constraint set
* @see org.ietf.ldap.LDAPConnection#getSearchConstraints
* @see org.ietf.ldap.LDAPSearchConstraints
*/
public void setSearchConstraints( LDAPSearchConstraints cons ) {
_defaultConstraints = (LDAPSearchConstraints)cons.clone();
}
/**
* Specifies the object representing the socket factory that you
* want to use to establish a connection to a server.
* LDAPConnection object. getSearchConstraints method.
*
*
* LDAPConstraints object (or a
* LDAPSearchConstraints object for a search or find operation)
* with your new constraints
* and pass it to the LDAPConnection method that performs the
* operation.
* setOption method to change the constraint.
* LDAPSearchConstraints object.)
*
* LDAPConnection ld = new LDAPConnection();
* int sizeLimit = ( (Integer)ld.getOption( LDAPConnection.SIZELIMIT ) ).intValue();
* System.out.println( "Maximum number of results: " + sizeLimit );
*
*
* @param option you can specify one of the following options:
*
*
*
* Option Data Type Description
*
* LDAPConnection.PROTOCOL_VERSIONIntegerSpecifies the version of the LDAP protocol used by the
* client.
*
*
* LDAPConnection.DEREFIntegerSpecifies when your client dereferences aliases.
*
* Legal values for this option are:
*
* DEREF_NEVER Aliases are never dereferenced.
*
* DEREF_FINDING Aliases are dereferenced when find-
* ing the starting point for the
* search (but not when searching
* under that starting entry).
*
* DEREF_SEARCHING Aliases are dereferenced when
* searching the entries beneath the
* starting point of the search (but
* not when finding the starting
* entry).
*
* DEREF_ALWAYS Aliases are always dereferenced.
*
* DEREF_NEVER.
*
* LDAPConnection.SIZELIMITIntegerSpecifies the maximum number of search results to return.
* If this option is set to 0, there is no maximum limit.
*
*
* LDAPConnection.TIMELIMITIntegerSpecifies the maximum number of milliseconds to wait for results
* before timing out. If this option is set to 0, there is no maximum
* time limit.
*
*
* LDAPConnection.REFERRALSBooleanSpecifies whether or not your client follows referrals automatically.
* If true, your client follows referrals automatically.
* If false, an LDAPReferralException is raised
* when referral is detected.
* false.
*
* LDAPConnection.REFERRALS_REBIND_PROCLDAPAuthHandlerSpecifies an object with a class that implements the
* LDAPAuthHandler interface. You must define this class and
* the getAuthProvider method that will be used to
* get the distinguished name and password to use for authentication.
* Modifying this option sets the LDAPConnection.BIND option to null.
* null.
*
* LDAPConnection.BINDLDAPBindSpecifies an object with a class that implements the
* LDAPBind
* interface. You must define this class and the
* bind method that will be used to authenticate
* to the server on referrals. Modifying this option sets the
* LDAPConnection.REFERRALS_REBIND_PROC to null.
* null.
*
* LDAPConnection.REFERRALS_HOP_LIMITIntegerSpecifies the maximum number of referrals in a sequence that
* your client will follow. (For example, if REFERRALS_HOP_LIMIT is 5,
* your client will follow no more than 5 referrals in a row when resolving
* a single LDAP request.)
*
*
* LDAPConnection.BATCHSIZEIntegerSpecifies the number of search results to return at a time.
* (For example, if BATCHSIZE is 1, results are returned one at a time.)
* LDAPControl[]Specifies the client controls that may affect the handling of LDAP
* operations in the LDAP classes. These controls are used by the client
* and are not passed to the LDAP server. At this time, no client controls
* are defined for clients built with the Netscape LDAP classes.
*
*
* LDAPConnection.SERVERCONTROLSLDAPControl[]Specifies the server controls that are passed to the LDAP
* server on each LDAP operation. Not all servers support server
* controls; a particular server may or may not support a given
* server control.
*
* MAXBACKLOGIntegerSpecifies the maximum number of search results to accumulate in an
* LDAPSearchResults before suspending the reading of input from the server.
* Integer.)
* @exception LDAPException Failed to get the specified option.
* @see org.ietf.ldap.LDAPAuthHandler
* @see org.ietf.ldap.LDAPConstraints
* @see org.ietf.ldap.LDAPSearchConstraints
* @see org.ietf.ldap.LDAPReferralException
* @see org.ietf.ldap.LDAPControl
* @see org.ietf.ldap.LDAPConnection#getSearchConstraints
* @see org.ietf.ldap.LDAPConnection#search(java.lang.String, int, java.lang.String, java.lang.String[], boolean, org.ietf.ldap.LDAPSearchConstraints)
*/
public Object getOption( int option ) throws LDAPException {
if (option == LDAPConnection.PROTOCOL_VERSION) {
return new Integer(_protocolVersion);
}
return getOption(option, _defaultConstraints);
}
private static Object getOption( int option, LDAPSearchConstraints cons )
throws LDAPException {
switch (option) {
case LDAPConnection.DEREF:
return new Integer (cons.getDereference());
case LDAPConnection.SIZELIMIT:
return new Integer (cons.getMaxResults());
case LDAPConnection.TIMELIMIT:
return new Integer (cons.getServerTimeLimit());
case LDAPConnection.REFERRALS:
return new Boolean (cons.getReferralFollowing());
case LDAPConnection.REFERRALS_REBIND_PROC:
return cons.getReferralHandler();
case LDAPConnection.REFERRALS_HOP_LIMIT:
return new Integer (cons.getHopLimit());
case LDAPConnection.BATCHSIZE:
return new Integer (cons.getBatchSize());
case LDAPConnection.SERVERCONTROLS:
return cons.getControls();
case MAXBACKLOG:
return new Integer (cons.getMaxBacklog());
default:
throw new LDAPException ( "invalid option",
LDAPException.PARAM_ERROR );
}
}
/**
* Sets the value of the specified option for this
* LDAPConnection object. getSearchConstraints method.
* LDAPConstraints object (or a
* LDAPSearchConstraints object for a search or find operation)
* with your new constraints
* and pass it to the LDAPConnection method that performs the
* operation.
* LDAPSearchConstraints object.)
*
* LDAPConnection ld = new LDAPConnection();
* Integer newLimit = new Integer( 20 );
* ld.setOption( LDAPConnection.SIZELIMIT, newLimit );
* System.out.println( "Changed the maximum number of results to " + newLimit.intValue() );
*
*
* @param option you can specify one of the following options:
*
*
*
* Option Data Type Description
*
* LDAPConnection.PROTOCOL_VERSIONIntegerSpecifies the version of the LDAP protocol used by the
* client.
*
*
* LDAPConnection.DEREFIntegerSpecifies when your client dereferences aliases.
*
* Legal values for this option are:
*
* DEREF_NEVER Aliases are never dereferenced.
*
* DEREF_FINDING Aliases are dereferenced when find-
* ing the starting point for the
* search (but not when searching
* under that starting entry).
*
* DEREF_SEARCHING Aliases are dereferenced when
* searching the entries beneath the
* starting point of the search (but
* not when finding the starting
* entry).
*
* DEREF_ALWAYS Aliases are always dereferenced.
*
* DEREF_NEVER.
*
* LDAPConnection.SIZELIMITIntegerSpecifies the maximum number of search results to return.
* If this option is set to 0, there is no maximum limit.
*
*
* LDAPConnection.TIMELIMITIntegerSpecifies the maximum number of milliseconds to wait for results
* before timing out. If this option is set to 0, there is no maximum
* time limit.
*
*
* LDAPConnection.REFERRALSBooleanSpecifies whether or not your client follows referrals automatically.
* If true, your client follows referrals automatically.
* If false, an LDAPReferralException is
* raised when a referral is detected.
* false.
*
* LDAPConnection.REFERRALS_REBIND_PROCLDAPAuthHandlerSpecifies an object with a class that implements the
* LDAPAuthHandler
* interface. You must define this class and the
* getAuthProvider method that will be used to get
* the distinguished name and password to use for authentication.
* Modifying this option sets the LDAPConnection.BIND option to null.
* null.
*
* LDAPConnection.BINDLDAPBindSpecifies an object with a class that implements the
* LDAPBind
* interface. You must define this class and the
* bind method that will be used to autheniticate
* to the server on referrals. Modifying this option sets the
* LDAPConnection.REFERRALS_REBIND_PROC to null.
* null.
*
* LDAPConnection.REFERRALS_HOP_LIMITIntegerSpecifies the maximum number of referrals in a sequence that
* your client will follow. (For example, if REFERRALS_HOP_LIMIT is 5,
* your client will follow no more than 5 referrals in a row when resolving
* a single LDAP request.)
*
*
* LDAPConnection.BATCHSIZEIntegerSpecifies the number of search results to return at a time.
* (For example, if BATCHSIZE is 1, results are returned one at a time.)
* LDAPControl[]Specifies the client controls that may affect handling of LDAP
* operations in the LDAP classes. These controls are used by the client
* and are not passed to the server. At this time, no client controls
* are defined for clients built with the Netscape LDAP classes.
*
*
* LDAPConnection.SERVERCONTROLSLDAPControl[]Specifies the server controls that are passed to the LDAP
* server on each LDAP operation. Not all servers support server
* controls; a particular server may or may not support a particular
* control.
*
* MAXBACKLOGIntegerSpecifies the maximum number of search results to accumulate in an
* LDAPSearchResults before suspending the reading of input from the server.
* true if the class is running in a Netscape browser.
*/
public static boolean isNetscape() {
return isCommunicator;
}
static void printDebug( String msg ) {
if ( debug ) {
System.out.println( msg );
}
}
/**
* Returns the string representation for this LDAPConnection.
* LDAPConnection {ldap://dilly:389 (2) ldapVersion:3 bindDN:
* "uid=admin,o=iplanet.com"}
*
* For cloned connections, the number of LDAPConnection instances sharing
* the same physical connection is shown in parenthesis following the ldap
* url.
* If an LDAPConnection objectis not cloned, this number is omitted from
* the string representation.
*
* @return string representation of the connection
* @see org.ietf.ldap.LDAPConnection#clone
*/
public String toString() {
int cloneCnt = (_thread == null) ? 0 : _thread.getClientCount();
StringBuffer sb = new StringBuffer( "LDAPConnection {" );
//url
// sb.append( (isSecure() ? "ldaps" : "ldap") );
sb.append( "ldap" );
sb.append( "://" );
sb.append( getHost() );
sb.append( ":" );
sb.append( getPort() );
// clone count
if ( cloneCnt > 1 ) {
sb.append( " (" );
sb.append( cloneCnt );
sb.append( ")" );
}
// ldap version
sb.append( " ldapVersion:" );
sb.append( _protocolVersion );
// bind DN
sb.append( " bindDN:\"" );
if ( getAuthenticationDN() != null ) {
sb.append( getAuthenticationDN() );
}
sb.append( "\"}" );
return sb.toString();
}
/**
* Prints out the LDAP Java SDK version and the highest LDAP
* protocol version supported by the SDK. To view this
* information, open a terminal window, and enter:
* java org.ietf.ldap.LDAPConnection
*
* @param args not currently used
*/
public static void main(String[] args) {
System.out.println( "LDAP SDK Version is " + SdkVersion );
System.out.println( "LDAP Protocol Version is " + ProtocolVersion );
}
/**
* Option specifying the maximum number of unread results to be cached in
* any LDAPSearchResults without suspending reading from the server
* @see org.ietf.ldap.LDAPConnection#getOption
* @see org.ietf.ldap.LDAPConnection#setOption
*/
public static final int MAXBACKLOG = 30;
private static boolean isCommunicator = checkCommunicator();
private static boolean debug = false;
}