
Understanding the LDAP Binding Component


LDAP BC WSDL Configuration

When you use the New WSDL Document Wizard for the LDAP BC, it generates a WSDL document that includes all of the required elements and the configuration information you entered in the wizard. You can use the WSDL Editor to view and modify the configuration you defined. The elements you are most likely to configure are the service level WSDL elements and binding level WSDL elements. The following topics describe working with the WSDL document and the elements specific to the LDAP BC.

  • Viewing the LDAP WSDL Document
  • Service Level WSDL Elements
  • Binding Level WSDL Elements

For an example of how to use the New WSDL Document Wizard for LDAP, see Creating a WSDL Document: Add Operation.

Viewing the LDAP WSDL Document

In the WSDL view of the WSDL Editor, the WSDL file appears as a tree component or a series of columns. The WSDL view has two subviews: tree view and column view. To switch between the subviews, use the buttons in the WSDL Editor toolbar. The main nodes in the WSDL view correspond to the major elements in a WSDL file.

  • Types: This node enables you to import XML schemas and to add inline schemas.
  • Imports: This node enables you to import WSDL files.
  • Messages: This node enables you to create, edit, and delete messages.
  • Port Types: This node enables you to create, edit, and delete port types.
  • Bindings: This node enables you to create, edit, and delete bindings.
  • Services: This node enables you to create, edit, and delete services.
  • Extensibility Elements: This node enables you to add the following extensibility elements: partner link types, properties, and property aliases.

To Add Extension Attributes

Some of the nodes in the WSDL view allow you to add extension attributes.

  1. Right-click the node and choose Add Extension Attribute.
  2. Specify the name and namespace in the Add Extension Attribute dialog box.
  3. Specify the value from the Properties window after adding the attribute.
  4. Right-click the node and choose Remove Attributes to delete the attribute.

Service Level WSDL Elements

The attributes of the service WSDL element configure LDAP directory security information for the LDAP BC. They are set on the LDAP address element, ldap:address, and specify the connectivity to the LDAP directory: login information, security protocols, authentication type, and so on.

When you create a WSDL file in the NetBeans IDE, the New WSDL Document Wizard generates the address service definition. You can then edit the attributes of the address service. The following table describes the attributes available for this service.

LDAP Address Element Attributes

  • location: The connection URL for the LDAP server in the format ldap://hostname:port.
  • principal: The LDAP principal (user name) needed when using an authentication method other than anonymous login. Use the fully qualified DN (Distinguished Name) of the user; for example, CN=Administrator,CN=Users,DC=sun,dc=com.
  • credential: The credentials (password) needed when using an authentication method other than anonymous login.
  • ssltype: The type of SSL connection to use. Enter one of the following:
      * None: A simple plain connection that does not use SSL.
      * Enable SSL: Communication to the LDAP server uses an SSL secure communication channel.
      * TLS On Demand: Communication to the LDAP server uses TLS on demand.
    Note - If you use Enable SSL, the URL must point to a secure LDAP port.
  • authentication: The authentication method to be used. Enter one of the following:
      * None: Authentication is simple or not required. Make sure the LDAP server supports anonymous logins.
      * Simple: Authentication is based on a user name or password. If you select this option, you need to enter the user name in the principal property and the password in the credential property.
  • protocol: The SSL protocol to use when establishing an SSL connection with the LDAP server. Enter TLS, TLSv1, SSLv3, SSLv2, or SSL.
  • truststore: The path and name of the TrustStore file, which is used for CA certificate management when establishing SSL connections.
  • truststorepassword: The TrustStore password for accessing the TrustStore used for CA certificate management when establishing SSL connections.
  • truststoretype: The TrustStore type used for CA certificate management. If no type is specified, the application uses JKS as the default type.
  • keystore: The path and name of the KeyStore file. The KeyStore is used for key/certificate management when establishing SSL connections.
  • keystorepassword: The KeyStore password for accessing the KeyStore used for key/certificate management when establishing SSL connections.
  • keystoreusername: The user name for accessing the keystore when establishing SSL connections.
  • keystoretype: The default keystore type, which is used for key/certificate management when establishing SSL connections. If no type is specified, the application uses JKS as the default type.
  • tlssecurity: An indicator of whether TLS security is enabled. Enter NO if TLS security is not used; enter YES if it is used.

The following example illustrates the LDAP service element:

<service name="LDAPService">
    <wsdl:port name="LDAPPort" binding="tns:LDAPBinding">
        <ldap:address location="ldap://ldapServer1:389" 
                      principal = "cn=Manager,dc=sun,dc=com" 
                      credential = "admin" 
                      truststorepassword = "trustadmin" 
                      truststoretype = "JKS" 
                      keystore = "C:\security\ldap\keystore.jks"
                      keystorepassword = "keystoreadmin"
                      keystoreusername = "keystore"
                      keystoretype = "JKS"
                      tlssecurity = "NO"
                      ssltype = "Enable SSL"
                      authentication = "Simple"
                      truststore = "C:\security\ldap\trust.jks"
                      protocol = "SSL"
        />
    </wsdl:port>
</service>
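
The following audit of the ldap:address attributes described above is an added example, not part of the original page or of the LDAP BC itself. It flags the combinations a reviewer would question: Enable SSL on the cleartext port, deprecated protocol versions, anonymous binds, and passwords stored inline in the WSDL. The finding codes, the function name, and both namespace URIs in the sample are assumptions made for the example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SECRET_ATTRS = ("credential", "truststorepassword", "keystorepassword")
# SSLv2, SSLv3 and TLS 1.0 are formally deprecated (RFC 6176, RFC 7568, RFC 8996).
DEPRECATED_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1"}

# Constructed sample: attribute values taken from the page's service example;
# both namespace URIs are placeholders, not the real WSDL or LDAP BC namespaces.
SAMPLE_WSDL = r"""<definitions xmlns="urn:example:wsdl" xmlns:ldap="urn:example:ldap-bc">
  <service name="LDAPService">
    <port name="LDAPPort" binding="tns:LDAPBinding">
      <ldap:address location="ldap://ldapServer1:389"
                    principal="cn=Manager,dc=sun,dc=com" credential="admin"
                    truststore="C:\security\ldap\trust.jks" truststorepassword="trustadmin"
                    keystore="C:\security\ldap\keystore.jks" keystorepassword="keystoreadmin"
                    ssltype="Enable SSL" tlssecurity="NO"
                    authentication="Simple" protocol="SSL"/>
    </port>
  </service>
</definitions>"""


def audit_ldap_address(wsdl_text):
    """Return a list of finding codes for every *:address element in the WSDL."""
    findings = []
    for el in ET.fromstring(wsdl_text).iter():
        if el.tag.rsplit("}", 1)[-1] != "address":  # match by local name only
            continue
        attrs = el.attrib
        ssltype = attrs.get("ssltype")
        url = urlsplit(attrs.get("location", ""))
        port = url.port or (636 if url.scheme == "ldaps" else 389)
        # Assumption: ssltype None without tlssecurity YES leaves the bind unencrypted.
        if ssltype == "None" and attrs.get("tlssecurity", "NO").upper() != "YES":
            findings.append("plaintext-transport")
        # Page note: Enable SSL needs a secure LDAP port; 389 is the cleartext default.
        if ssltype == "Enable SSL" and port == 389:
            findings.append("ssl-on-cleartext-port")
        if attrs.get("protocol") in DEPRECATED_PROTOCOLS:
            findings.append("deprecated-protocol:" + attrs["protocol"])
        if attrs.get("authentication") == "None":
            findings.append("anonymous-bind")
        # Passwords set here sit in cleartext in the WSDL file.
        findings += ["inline-secret:" + n for n in SECRET_ATTRS if attrs.get(n)]
    return findings


if __name__ == "__main__":
    for finding in audit_ldap_address(SAMPLE_WSDL):
        print(finding)
```

Which TLS version the generic protocol values TLS and SSL actually negotiate depends on the JVM, so the audit leaves those two unflagged.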

Binding Level WSDL Elements

The LDAP Binding Component binding level WSDL elements include the binding, operation, and message extensibility elements.

Binding elements define the file transport-specific information for operations and messages.

LDAP Binding Element

The LDAP binding extensibility element associates a binding with the LDAP protocol. When you create a WSDL file for a BPEL project in the NetBeans IDE, the New WSDL Document Wizard generates the LDAP binding definition, which includes a name you specify and a type that is generated by the wizard.

The following example illustrates the LDAP binding element:

<binding name="LDAPBinding" type="tns:LDAPPortType">
    <ldap:binding/>
    ...
</binding>

LDAP Operation Element

The LDAP operation element defines the supported operations. For the LDAP Binding Component the supported operations include the following:

  • searchRequest
  • updateRequest
  • compareRequest
  • insertRequest
  • deleteRequest
  • addConnectionRequest

The following example illustrates the LDAP operation element:

<binding name="LDAPBinding" type="tns:LDAPPortType">
    <ldap:binding/>
    <wsdl:operation name="LDAPSearchOperation">
        <ldap:operation type="searchRequest"/>
        ...
    </wsdl:operation>
</binding>

LDAP Output Element

The LDAP output element extends the binding element to specify properties associated with writing output messages. In the NetBeans IDE, select an ldap:output element to view and modify the output properties. The following table describes the available output properties.

LDAP Output Element Properties

  • returnPartName: The message part name that is returned. This is used in search operations.
  • attributes: A list of attributes to be retrieved.

This page (revision-4) was last changed on 24-Jul-09 14:17 PM, -0700 by CarolT