LDAP Attribute Source
LdapPersonAttributeDao
Designed to query an LDAP server for a set of user attributes mapping one set of returned Attributes to one user.
Setting up a LdapPersonAttributeDao in Spring to would look like the following:
<bean id="ldapPersonAttributeDao" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao"> <property name="contextSource" ref="contextSource" /> <property name="baseDN" value="o=example.com,o=isp" /> <property name="queryAttributeMapping"> <map> <entry key="username" value="uid" /> </map> </property> <property name="resultAttributeMapping"> <map> <entry key="uid" value="username" /> <entry key="givenname" value="first_name" /> <entry key="sn" value="last_name" /> <entry key="mail" value="email" /> </map> </property> </bean>
This configuration maps the query attribute 'username' to the attribute 'uid' for use in the LDAP query and maps the result attributes back to custom keys. The DAO generates the LDAP filter to use to execute the query under the specified baseDN.
Configuration
LdapPersonAttributeDao has an anonymous contstructor.
Property |
Type |
Default Value |
|
---|---|---|---|
defaultAttribute |
String |
username |
The attribute name to use for calls to IPersonAttributes getPerson(String). A query Map is generated for these calls using the defaultAttribute and the value passed in. |
queryAttributeMapping |
Map<String, ?> |
null |
A Map from attribute names used in the Map to attribute names to use in the SQL. The values can be either String or Collection<String> to use a single Map attribute under multiple names as in the SQL. If set only Map attributes listed will be used in the SQL. If not set all Map attributes are used as-is in the SQL. |
resultAttributeMapping |
Map<String, ?> |
null |
A Map from SQL result names to returned attribute names. The values can be either String or Collection<String> to use a single SQL result under multiple returned attributes. If set only SQL attributes listed will be returned. If not set all SQL attributes will be returned. |
requireAllQueryAttributes |
boolean |
false |
If the SQL should only be run if all attributes listed in the queryAttributeMapping exist in the query Map. Ignored if queryAttributeMapping is null |
userNameAttribute |
String |
null |
The name of the returned attribute to use as the username for the resulting IPersons. If null the value of defaultAttribute is used. |
queryType |
QueryType (enum) |
AND |
How multiple attributes in a query should be concatenated together. The other option is OR |
baseDN |
String |
null |
The base distinguished name to use when executing the query. |
contextSource |
ContextSource |
null |
The Spring-LDAP ContextSource for which to use when executing queries |
searchControls |
SearchControls |
new SearchControls() |
Controls for query execution; time limits, expected attributes and scope are all options that can be set here |
setReturningAttributes |
boolean |
true |
If true the SearchControls object will be updated to reflect the expected return attributes for the query. This can reduce the amount of data transfered from the LDAP server for a result. |