Not logged in | Login
Table of Contents
When you use the New WSDL Document Wizard for the LDAP BC, it generates a WSDL document that includes all of the required elements and the configuration information you entered in the wizard. You can use the WSDL Editor to view and modify the configuration you defined. The elements you are most likely to configure are the service level WSDL elements and binding level WSDL elements. The following topics describe working with the WSDL document and the elements specific to the LDAP BC.
For an example of how to use the New WSDL Document Wizard for LDAP, see Creating a WSDL Document: Add Operation.
In the WSDL view of the WSDL Editor, the WSDL file appears as a tree component or a series of columns. The WSDL view has two subviews: tree view and column view. To switch between the subviews, use the buttons in the WSDL Editor toolbar. The main nodes in the WSDL view correspond to the major elements in a WSDL file.
Some of the nodes in the WSDL view allow you to add extension attributes.
The attributes of the service WSDL element configure LDAP directory security information for the LDAP BC. The attributes specify the connectivity to the LDAP directory address element ldap:address. These attributes specify login information, security protocols, authentication type, and so on.
When you create a WSDL file in the NetBeans IDE, the New WSDL Document Wizard generates the address service definition. You can then edit the attributes of the address service. The following table describes the attributes available for this service.
LDAP Address Element Attributes
|location||The connection URL for the LDAP server in the format ldap://hostename:port.|
|principal||The LDAP principal (user name) needed when using an authentication method other than anonymous login. Use the fully qualified DN (Distinguished Name) of the user; for example, CN=Administrator,CN=Users,DC=sun,dc=com.|
|credential||The credentials (password) needed when using an authentication method other than anonymous login.|
|ssltype|| The type of SSL connection to use. Enter one of the following:|
* None: A simple plain connection that does not use SSL.
* Enable SSL: Communication to the LDAP server uses an SSL secure communication channel.
* TLS On Demand: Communication to the LDAP server uses TLS on deamand.
Note - If you use Enable SSL, the URL must point to a secure LDAP port.
|authentication|| The authentication method to be used. Enter one of the following:|
* None: Authentication is simple or not required. Make sure the LDAP server supports anonymous logins.
* Simple: Authentication is based on a user name or password. If you select this option, you need to enter the user name in the principal property and the password in the credentials property.
|protocol||The SSL protocol to use when establishing an SSL connection with the LDAP server. Enter TLS, TSLv1, SSLv3, SSLv2, or SSL|
|truststore||The path and name of the TrustStore file, which is used for CA certificate management when establishing SSL connections.|
|truststorepassword||The TrustStore password for accessing the TrustStore used for CA certificate management when establishing SSL connections.|
|truststoretype||The TrustStore type used for CA certificate management. If no type is specified, the applications uses JKS as the default type.|
|keystore||The path and name of the KeyStore file. The KeyStore is used for key/certificate management when establishing SSL connections.|
|keystorepassword||The KeyStore password for accessing the KeyStore used for key/certificate management when establishing SSL connections.|
|keystoreusername||The user name for accessing the keystore when establishing SSL connections.|
|keystoretype||The default keystore type, which is used for key/certificate management when establishing SSL connections. If no type is specified, the application uses JKS as the default type.|
|tlssecurity||An indicator of whether TLS security is enabled. Enter NO if TLS security is not used; enter YES if it is used.|
The following example illustrates the LDAP service element:
<service name="LDAPService" <wsdl:port name="LDAPPort" binding="tns:LDAPBinding> <ldap:address location="ldap://ldapServer1:389" principal = "cn=Manager,dc=sun,dc=com" credential = "admin" truststorepassword = "trustadmin" truststoretype = "JKS" keystore = "C:\security\ldap\keystore.jks" keystorepassword = "keystoreadmin" keystoreusername = "keystore" keystoretype = "JKS" tlssecurity = "NO" ssltype = "Enable SSL" authentication = "Simple" truststore = "C:\security\ldap\trust.jks" protocol = "SSL" /> </wsdl:port> </service>
The LDAP Binding Component binding level WSDL elements include the binding, operation, and message extensibility elements.
Binding elements define the file transport-specific information for operations and messages.
The LDAP binding extensibility element allows the association of a binding to be LDAP protocol specific. When you create a WSDL file for a BPEL project in the NetBeans IDE, the New WSDL Document Wizard generates the LDAP binding definition, which includes a name you specify and a type that is generated by the wizard.
The following example illustrates the LDAP binding element:
<binding name="LDAPBinding" type="tns:LDAPPortType"> <ldap:binding/> ... </binding>
The LDAP operation element defines the supported operations. For the LDAP Binding Component the supported operations include the following:
The following example illustrates the LDAP operation element:
<binding name="LDAPBinding" type="tns:LDAPPortType"> <ldap:binding/> <wsdl:operation name="LDAPSearchOperation"> <ldap:operation type="searchRequest"/> ...
The LDAP output element extends the binding element to specify properties associated with writing output messages. In the NetBeans IDE, select a ldap:output() element to view and modify the output properties. The following table describes the available output properties.
LDAP Output Element Properties
|returnPartName||The message part name that is returned. This is used in search operations.|
|attributes||A list of attributes to be retrieved.|