LDAP Attribute Source

LdapPersonAttributeDao

Designed to query an LDAP server for a set of user attributes mapping one set of returned Attributes to one user.

Setting up a LdapPersonAttributeDao in Spring to would look like the following:

<bean id="ldapPersonAttributeDao" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
    <property name="contextSource" ref="contextSource" />
    <property name="baseDN" value="o=example.com,o=isp" />
    <property name="queryAttributeMapping">
        <map>
            <entry key="username" value="uid" />
        </map>
    </property>
    <property name="resultAttributeMapping">
        <map>
            <entry key="uid" value="username" />
            <entry key="givenname" value="first_name" />
            <entry key="sn" value="last_name" />
            <entry key="mail" value="email" />
        </map>
    </property>
</bean>

This configuration maps the query attribute 'username' to the attribute 'uid' for use in the LDAP query and maps the result attributes back to custom keys. The DAO generates the LDAP filter to use to execute the query under the specified baseDN.

Configuration

LdapPersonAttributeDao has an anonymous contstructor.

Property

Type

Default Value

 

defaultAttribute

String

username

The attribute name to use for calls to IPersonAttributes getPerson(String). A query Map is generated for these calls using the defaultAttribute and the value passed in.

queryAttributeMapping

Map<String, ?>

null

A Map from attribute names used in the Map to attribute names to use in the SQL. The values can be either String or Collection<String> to use a single Map attribute under multiple names as in the SQL. If set only Map attributes listed will be used in the SQL. If not set all Map attributes are used as-is in the SQL.

resultAttributeMapping

Map<String, ?>

null

A Map from SQL result names to returned attribute names. The values can be either String or Collection<String> to use a single SQL result under multiple returned attributes. If set only SQL attributes listed will be returned. If not set all SQL attributes will be returned.

requireAllQueryAttributes

boolean

false

If the SQL should only be run if all attributes listed in the queryAttributeMapping exist in the query Map. Ignored if queryAttributeMapping is null

userNameAttribute

String

null

The name of the returned attribute to use as the username for the resulting IPersons. If null the value of defaultAttribute is used.

queryType

QueryType (enum)

AND

How multiple attributes in a query should be concatenated together. The other option is OR

baseDN

String

null

The base distinguished name to use when executing the query.

contextSource

ContextSource

null

The Spring-LDAP ContextSource for which to use when executing queries

searchControls

SearchControls

new SearchControls()

Controls for query execution; time limits, expected attributes and scope are all options that can be set here

setReturningAttributes

boolean

true

If true the SearchControls object will be updated to reflect the expected return attributes for the query. This can reduce the amount of data transfered from the LDAP server for a result.