Creating a LDAP server for your development environment in 5 minutes
June 13th, 2011 by Micha Kops
I am currently working on a plugin that needs to receive some information from an LDAP/Active Directory using JNDI. That’s why I needed to set up a directory server in a short time and I didn’t want to waste much effort on it.
Luckily for me the Apache Directory Studio saved my day and allowed me to set up everything I needed in a few minutes.
Short and sweet: In this tutorial I’m going to show you how to configure everything you need in your Eclipse IDE and finally how to query the created LDAP server with a tiny java client using JNDI.
Prerequisites
You’ll need Java, Eclipse and that’s all ..
Apache Directory Studio Setup
First we’re going to install Apache Directory Studio as Eclipse Plugin ..
Install Eclipse Plugin
- Install the plugin using the update site http://directory.apache.org/studio/update/2.x
- You should at least install Apache Directory Studio Apache DS, Apache Directory Studio LDAP Browser and Apache Directory Studio LDIF Editor here .. or just install everything .. it won’t hurt ..
- If you’re totally unfamiliar with installing a plugin in Eclipse, there is a detailed installation guide for you on the Apache Directory Studio Website.
Create a new LDAP server
Now we want to create a new LDAP server for development ..
- Open the server view by going: Menubar > Window > Show View > Other > Apache DS > Servers
- Rightclick in the server view and select New > New server
- Enter a name for the server e.g. “ldap-devel” and finish
- You should see your newly created server in the server view
- Start your LDAP server by rightclick and run .. after a short time the server’s status should have changed to “started”
- If you take a look at the server’s current configuration you’ll see that the server is configured for the host name ldap.example.com
Creating a connection to the server
We need a connection for the following data import and to query our directory server
- Just right-click on the server in the server view and select LDAP-Browser > Create a connection and let the IDE switch to the LDAP Perspective
- In the LDAP perspective there’s the LDAP Browser, an outline for the directory structure, the connection and server views and the directory logs
Import sample data from a LDIF file
Now we need some data in our directory server – we do not query it for fun! ;)
- We’re going to import some data from an LDIF file .. just copy the following content, save it to a file and open it in the perspective. It is important that the last line in the LDIF file is an empty line/newline.
```
dn: dc=example,dc=com
objectClass: domain
objectClass: top
dc: example

dn: ou=Users,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Users

dn: ou=Groups,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Groups

dn: cn=Micha Kops,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Micha Kops
sn: Kops
uid: mkops
userPassword:: abcdefg

dn: cn=Santa Claus,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Santa Claus
sn: Claus
uid: sclaus
userPassword:: abcdefg

dn: cn=John Steinbeck,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: John Steinbeck
sn: Steinbeck
uid: jsteinbeck
userPassword:: abcdefg
```
- In the editor click on Browse and select your current connection
- Then click on Execute LDIF – now we’ve got some more content in our directory and you are able to see it in the Outline view
Querying in the LDAP perspective
Now let’s run a sample query for all users using the LDAP Browser’s search feature: Click on Searches > New > New Search …
Running a query using Java and JNDI
Now we want to query the directory for existing users using JNDI .. and our program should output
- I’ve created a simple new Java project in Eclipse containing this one class named LdapQuery
```java
package com.hascode.tutorial.ldap;

import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class LdapQuery {
    public static void main(String[] args) throws NamingException {
        // Connection settings for the local development server created above
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://127.0.0.1:10389/");
        // Simple bind with the ApacheDS default admin account (development server only)
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
        env.put(Context.SECURITY_CREDENTIALS, "secret");

        DirContext ctx = new InitialDirContext(env);
        try {
            // Search the whole subtree below ou=Users for person entries
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            NamingEnumeration<SearchResult> enumeration = ctx.search(
                    "ou=Users,dc=example,dc=com", "(objectClass=person)", searchControls);
            while (enumeration.hasMore()) {
                SearchResult result = enumeration.next();
                Attributes attrs = result.getAttributes();
                System.out.println(String.format("User found.. %s, %s",
                        attrs.get("cn"), attrs.get("uid")));
            }
        } finally {
            // Release the connection to the directory server
            ctx.close();
        }
    }
}
```
- Run the class and you should see the following output
```
User found.. cn: Micha Kops, uid: mkops
User found.. cn: Santa Claus, uid: sclaus
User found.. cn: John Steinbeck, uid: jsteinbeck
```
Tutorial Sources Download
I have put the source from this tutorial on my Bitbucket repository – download it there or check it out using Mercurial:
hg clone https://bitbucket.org/hascode/hascode-tutorials
Resources
- Apache Directory Studio
- Oracle.com: Java Naming and Directory Interface (JNDI)
- JavaWorld.com: LDAP and JNDI: Together forever
- Stefan Seelmann: Setting up an LDAP server for your development environment
LDAP Testing with Java
I have written another article covering the topic of writing integration tests for LDAP connected applications, please feel free to read: “LDAP Testing with Java: ApacheDS vs Embedded-LDAP-JUnit“.
Article Updates
- 2015-03-30: Formatting fixed, image captions added.
- 2016-07-04: Link to LDAP testing tutorial added.
Tags: active directory, ad, Apache, apacheds, eclipse, jndi, ldap, ldif
June 13th, 2011 at 1:19 pm
We have been using ApacheDS for about 10 months as a backend for various services. As a sysadmin, I can also highly recommend the software. It runs stably and fast.
June 23rd, 2011 at 3:46 pm
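Good blog post!
You can also use the LDAP API we provide (directory.apache.org/api), the code will be more compact than with JNDI:
```java
import org.apache.directory.api.ldap.model.cursor.EntryCursor;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;

public class LdapQuery {
    public static void main(String[] args) throws Exception {
        LdapConnection connection = new LdapNetworkConnection("localhost", 10389);
        connection.bind("uid=admin,ou=system", "secret");
        EntryCursor cursor = connection.search("ou=Users,dc=example,dc=com", "(objectClass=person)", SearchScope.SUBTREE, "*");
        while (cursor.next()) {
            Entry entry = cursor.get();
            System.out.println(String.format("User found.. %s, %s", entry.get("cn"), entry.get("uid")));
        }
        cursor.close();
        connection.close();
    }
}
```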
June 23rd, 2011 at 5:47 pm
Thanks for your remark! :)