Skip to content

LDAP Connector Example

The LDAP connector allows you to connect to any LDAP server through a simple web services interface and perform CRUD (Create, Read, Update, Delete) operations on LDAP entries. This connector uses the JAVA JNDI APIs to connect to a required LDAP server.

Given below is a sample scenario that demonstrates how to perform CRUD operations on LDAP entries using LDAP Connector.

What you'll build

This example demonstrates on how to use the ldap connector to create and read ldap entries on a student directory. image

This will have 2 API resources, create, search.

todo : add an image

  • /create : This will create a new LDAP entry in the LDAP server.

  • /search : This will performs a search for one or more LDAP entities with the specified search keys.

If you do not want to configure this yourself, you can simply get the project and run it.

Configure the connector in WSO2 Integration Studio

Before you begin, see Setting up LDAP if you need to setup an LDAP and try this out.

Follow these steps to set up the Integration Project and the Connector Exporter Project.

  1. Open WSO2 Integration Studio and create an Integration Project. Creating a new Integration Project

  2. Right click on the project that you created and click on Add or Remove Connector -> Add Connector. You will get directed to the WSO2 Connector Store.

  3. Search for the specific connector and download it to the workspace. In this case, Salesforce is used as an example, but you can do this for the connector you require for your integration scenario.
    Search Connector in the Connector Store

  4. Click Finish, and your Integration Project is ready. The downloaded connector is displayed on the left side palette with its operations.

  5. You can drag and drop the operations to the design canvas and build your integration logic. Drag connector operations

  6. Right click on the created Integration Project and select, New -> Rest API to create the REST API.

  7. Provide the API name as college_student_api and the API context as /student. You can go to the source view of the xml configuration file of the API and copy the following configuration.

    <?xml version="1.0" encoding="UTF-8"?>
    <api context="/student" name="college_student_api" xmlns="http://ws.apache.org/ns/synapse">
        <resource methods="POST" url-mapping="/create">
            <inSequence>
                <sequence key="init_sequence"/>
                <sequence key="add_student_sequence"/>
            </inSequence>
            <outSequence/>
            <faultSequence/>
        </resource>
        <resource methods="POST" url-mapping="/search">
            <inSequence>
                <sequence key="init_sequence"/>
                <sequence key="search_student_sequence"/>
            </inSequence>
            <outSequence/>
            <faultSequence/>
        </resource>
    </api>

  8. Right click on the created Integration Project and select, -> New -> Sequence to create the following sequences.

    • init_sequence - <ldap.init> element authenticates with the LDAP server in order to gain access to perform various LDAP operations.

      <?xml version="1.0" encoding="UTF-8"?>
      <sequence name="init_sequence" trace="disable" xmlns="http://ws.apache.org/ns/synapse">
          <property expression="json-eval($.secureConnection)" name="secureConnection" scope="default" type="STRING"/>
          <property expression="json-eval($.disableSSLCertificateChecking)" name="disableSSLCertificateChecking" scope="default" type="STRING"/>
          <property expression="json-eval($.providerUrl)" name="providerUrl" scope="default" type="STRING"/>
          <property expression="json-eval($.securityPrincipal)" name="securityPrincipal" scope="default" type="STRING"/>
          <property expression="json-eval($.securityCredentials)" name="securityCredentials" scope="default" type="STRING"/>
          <ldap.init>
              <providerUrl>{$ctx:providerUrl}</providerUrl>
              <securityPrincipal>{$ctx:securityPrincipal}</securityPrincipal>
              <securityCredentials>{$ctx:securityCredentials}</securityCredentials>
              <secureConnection>{$ctx:secureConnection}</secureConnection>
              <disableSSLCertificateChecking>{$ctx:disableSSLCertificateChecking}</disableSSLCertificateChecking>
          </ldap.init>
      </sequence>

    • add_student_sequence - <ldap.addEntry> element creates a new LDAP entry in the LDAP server

      <?xml version="1.0" encoding="UTF-8"?>
      <sequence name="add_student_sequence" trace="disable" xmlns="http://ws.apache.org/ns/synapse">
          <property expression="json-eval($.content.objectClass)" name="objectClass" scope="default" type="STRING"/>
          <property expression="json-eval($.content.attributes)" name="attributes" scope="default" type="STRING"/>
          <property expression="json-eval($.content.dn)" name="dn" scope="default" type="STRING"/>
          <ldap.addEntry>
              <objectClass>{$ctx:objectClass}</objectClass>
              <attributes>{$ctx:attributes}</attributes>
              <dn>{$ctx:dn}</dn>
          </ldap.addEntry>
          <respond/>
      </sequence>

    • search_student_sequence - <ldap.searchEntry> element search for one or more LDAP entities based on the specified search keys.

      <?xml version="1.0" encoding="UTF-8"?>
      <sequence name="search_student_sequence" trace="disable" xmlns="http://ws.apache.org/ns/synapse">
          <property expression="json-eval($.content.objectClass)" name="objectClass" scope="default" type="STRING"/>
          <property expression="json-eval($.content.filters)" name="filters" scope="default" type="STRING"/>
          <property expression="json-eval($.content.attributes)" name="attributes" scope="default" type="STRING"/>
          <property expression="json-eval($.content.dn)" name="dn" scope="default" type="STRING"/>
          <ldap.searchEntry>
              <objectClass>{$ctx:objectClass}</objectClass>
              <limit>1000</limit>
              <filters>{$ctx:filters}</filters>
              <dn>{$ctx:dn}</dn>
              <attributes>{$ctx:attributes}</attributes>
          </ldap.searchEntry>
          <respond/>
      </sequence>

Exporting Integration Logic as a CApp

CApp (Carbon Application) is the deployable artifact on the Enterprise Integrator runtime. Let us see how we can export integration logic we developed into a CApp along with the connector.

Creating Connector Exporter Project

In order to bundle Connector into a CApp a Connector Exporter Project is needed.

  1. Navigate to File -> New -> Other -> WSO2 -> Extensions -> Project Types -> Connector Exporter Project.
    Add Connector Exporter Project

  2. Enter a name for the Connector Exporter Project.

  3. In the next screen select, Specify the parent from workspace and select the specific Integration Project you created from the dropdown. Naming Connector Exporter Project

  4. Now you need to add the Connector to Connector Exporter Project that you just created. Right click on the Connector Exporter Project and select, New -> Add Remove Connectors -> Add Connector -> Add from Workspace -> Connector

  5. Once you are directed to the workspace, it displays all the connectors that exist in the workspace. You can select the relevant connector and click Ok. Selecting Connector from Workspace

Creating a Composite Application Project

To export the Solution Project as a CApp, a Composite Application Project needs to be created. Usually, when a solution project is created, this project is automatically created by Integration Studio. If not, you can specifically create it by navigating to File -> New -> Other -> WSO2 -> Distribution -> Composite Application Project.

Exporting the Composite Application Project

  1. Right click on Composite Application Project and click on Export Composite Application Project.
    Export as a Carbon Application

  2. Select an Export Destination where you want to save the .car file.

  3. In the next Create a deployable CAR file screen, select both the created Integration Project and the Connector Exporter Project to save and click Finish. The CApp will get created at the specified location provided at the previous step. Create a deployable CAR file

Get the project

You can download the ZIP file and extract the contents to get the project code.

Download ZIP

Deployment

Follow these steps to deploy the exported CApp in the Enterprise Integrator Runtime.

Deploying on WSO2 Enterprise Integrator 7

You can copy the composite application to the /repository/deployment/server/carbonapps folder and start the server. Micro Integrator will be started and the composite application will be deployed. You can further refer to the application deployed through the CLI tool. You can download the CLI tool from here from the Other Resources section. Make sure you first export the PATH as below.

  $ export PATH=/path/to/mi/cli/directory/bin:$PATH
  1. Log in to Micro Integrator using the following command.

    ./mi remote login
  2. Provide default credentials admin for both username and password.

  3. In order to view the APIs deployed, execute the following command.

    ./mi api show
Click here for instructions on deploying on WSO2 Enterprise Integrator 6
  1. You can copy the composite application to the /repository/deployment/server/carbonapps folder and start the server.

  2. WSO2 EI server starts and you can login to the Management Console https://localhost:9443/carbon/ URL. Provide login credentials. The default credentials will be admin/admin.

  3. You can see that the API is deployed under the API section.

Testing

Create an entry in ldap server

  1. Create a file named student_data.json with following sample payload.

        { 
          "providerUrl":"ldap://localhost:10389/",
          "securityPrincipal":"uid=admin,ou=system",
          "securityCredentials":"admin",
          "secureConnection":"false",
          "disableSSLCertificateChecking":"false",
          "content":{ 
             "objectClass":"identityPerson",
             "dn":"uid=triss.merigold,ou=Users,dc=wso2,dc=org",
             "attributes":{ 
                "mail":"triss@wso2.com",
                "userPassword":"geralt&triss",
                "sn":"dim",
                "cn":"dim",
                "manager":"cn=geralt,ou=Groups,dc=example,dc=com"
             }
          }
        }

  2. Invoke the API as shown below using the curl command. Curl Application can be downloaded from [here] (https://curl.haxx.se/download.html).

    curl -H "Content-Type: application/json" -X POST --data @student_data.json http://localhost:8290/student/create

Expected Response: 1. You should get a 'Success' response. 2. Open Apache Directory Studio and category DIT (Directory Information Tree) shows the hierarchical content of the directory. Expand, collapse the tree and you will see the new entries. Select the entry and you will see it's attributes and values on Entry Editor. image

Search ldap entries

  1. Create a file named search_student.json with following sample payload

        {
            "providerUrl": "ldap://localhost:10389/",
            "securityPrincipal": "uid=admin,ou=system",
            "securityCredentials": "admin",
            "secureConnection": "false",
            "disableSSLCertificateChecking": "false",
            "application": "ldap",
            "operation": "searchEntity",
            "content": {
                "objectClass": "identityPerson",
                "filters": {
                    "manager": "cn=geralt,ou=Groups,dc=example,dc=com"
                },
                "dn": "ou=Users,dc=wso2,dc=org",
                "attributes": "mail,uid"
            }
        }

  2. Invoke the API as shown below using the curl command.

    curl -H "Content-Type: application/json" -X POST --data @search_student.json http://localhost:8290/student/search

Expected Response: You should get all entries that match with the provided filter. A sample response is as follows.

    {
        "result": {
            "entry": [
                {
                    "dn": "uid=triss.merigold,ou=Users,dc=WSO2,dc=ORG",
                    "mail": "triss@wso2.com",
                    "uid": "triss.merigold"
                },
                {
                    "dn": "uid=yennefer.of.vengerberg,ou=Users,dc=WSO2,dc=ORG",
                    "mail": "yenna@wso2.com",
                    "uid": "yennefer.of.vengerberg"
                }
            ]
        }
    }

What's Next

Top