Oracle Java CAPS LDAP Binding Component User's Guide     Java CAPS Documentation

LDAP BC WSDL Configuration

When you use the New WSDL Document Wizard for the LDAP BC, it generates a WSDL document that includes all of the required elements and the configuration information you entered in the wizard. You can use the WSDL Editor to view and modify the configuration you defined. The elements you are most likely to configure are the service level WSDL elements and binding level WSDL elements. The following topics describe working with the WSDL document and the elements specific to the LDAP BC.

For an example of how to use the New WSDL Document Wizard for LDAP, see Creating a WSDL Document in Oracle Java CAPS LDAP Binding Component Tutorial.

Viewing the LDAP WSDL Document

In the WSDL view of the WSDL Editor, the WSDL file appears as a tree component or a series of columns. The WSDL view has two subviews: tree view and column view. To switch between the subviews, use the buttons in the WSDL Editor toolbar. The main nodes in the WSDL view correspond to the major elements in a WSDL file.

To Add Extension Attributes

Some of the nodes in the WSDL view allow you to add extension attributes.

  1. Right-click the node and choose Add Extension Attribute.
  2. Specify the name and namespace in the Add Extension Attribute dialog box.
  3. Specify the value from the Properties window after adding the attribute.
  4. Right-click the node and choose Remove Attributes to delete the attribute.

Service Level WSDL Elements

The attributes of the service WSDL element configure connectivity and security for the LDAP BC. They are set on the LDAP address element, ldap:address, and specify login information, security protocols, authentication type, and so on.

When you create a WSDL file in the NetBeans IDE, the New WSDL Document Wizard generates the address service definition. You can then edit the attributes of the address service. The following table describes the attributes available for this service.

Table 1 LDAP Address Element Attributes

| Attribute | Description |
|---|---|
| location | The connection URL for the LDAP server in the format ldap://hostname:port. |
| principal | The LDAP principal (user name) needed when using an authentication method other than anonymous login. Use the fully qualified DN (Distinguished Name) of the user; for example, CN=Administrator,CN=Users,DC=oracle,dc=com. |
| credential | The credentials (password) needed when using an authentication method other than anonymous login. |
| ssltype | The type of SSL connection to use. Enter one of the following: None (a simple plain connection that does not use SSL); Enable SSL (communication to the LDAP server uses an SSL secure communication channel); TLS On Demand (communication to the LDAP server uses TLS on demand). Note: If you use Enable SSL, the URL must point to a secure LDAP port. |
| authentication | The authentication method to be used. Enter one of the following: None (authentication is simple or not required; make sure the LDAP server supports anonymous logins); Simple (authentication is based on a user name and password; if you select this option, you need to enter the user name in the principal property and the password in the credential property). |
| protocol | The SSL protocol to use when establishing an SSL connection with the LDAP server. Enter TLS, TLSv1, SSLv3, SSLv2, or SSL. |
| truststore | The path and name of the TrustStore file, which is used for CA certificate management when establishing SSL connections. |
| truststorepassword | The TrustStore password for accessing the TrustStore used for CA certificate management when establishing SSL connections. |
| truststoretype | The TrustStore type used for CA certificate management. If no type is specified, the application uses JKS as the default type. |
| keystore | The path and name of the KeyStore file. The KeyStore is used for key/certificate management when establishing SSL connections. |
| keystorepassword | The KeyStore password for accessing the KeyStore used for key/certificate management when establishing SSL connections. |
| keystoreusername | The user name for accessing the keystore when establishing SSL connections. |
| keystoretype | The default keystore type, which is used for key/certificate management when establishing SSL connections. If no type is specified, the application uses JKS as the default type. |
| tlssecurity | An indicator of whether TLS security is enabled. Enter NO if TLS security is not used; enter YES if it is used. |

The following example illustrates the LDAP service element:

<service name="LDAPService">
    <wsdl:port name="LDAPPort" binding="tns:LDAPBinding">
        <ldap:address location="ldap://ldapServer1:389" 
                      principal = "cn=Manager,dc=oracle,dc=com" 
                      credential = "admin" 
                      truststorepassword = "trustadmin" 
                      truststoretype = "JKS" 
                      keystore = "C:\security\ldap\keystore.jks"
                      keystorepassword = "keystoreadmin"
                      keystoreusername = "keystore"
                      keystoretype = "JKS"
                      tlssecurity = "NO"
                      ssltype = "Enable SSL"
                      authentication = "Simple"
                      truststore = "C:\security\ldap\trust.jks"
                      protocol = "SSL"
        />
    </wsdl:port>
</service>
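
An added example, not part of the Oracle guide: a small Python check that reads a WSDL document and flags risky ldap:address settings from Table 1 (Simple authentication without SSL, Enable SSL on the plain LDAP port 389 as in the sample above, SSLv2/SSLv3, and passwords stored as literals). The sample WSDL is constructed, its namespace URIs are placeholders, and the function name audit_ldap_address and the finding codes are this example's own.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample modelled on the page's service example. The two namespace
# URIs are placeholders, not the real WSDL or LDAP BC namespaces.
SAMPLE_WSDL = """\
<definitions xmlns:wsdl="urn:example:wsdl" xmlns:ldap="urn:example:ldap-bc">
  <wsdl:service name="LDAPService">
    <wsdl:port name="LDAPPort" binding="tns:LDAPBinding">
      <ldap:address location="ldap://ldapServer1:389"
                    principal="cn=Manager,dc=oracle,dc=com"
                    credential="admin"
                    ssltype="Enable SSL"
                    authentication="Simple"
                    protocol="SSLv3"/>
    </wsdl:port>
  </wsdl:service>
</definitions>
"""

SECRET_ATTRS = ("credential", "truststorepassword", "keystorepassword")
OBSOLETE_PROTOCOLS = {"SSLv2", "SSLv3"}  # SSLv2: RFC 6176, SSLv3: RFC 7568


def audit_ldap_address(wsdl_text):
    """Return finding codes for every address element in the WSDL text."""
    findings = []
    for elem in ET.fromstring(wsdl_text).iter():
        # Match on the local name so the check does not depend on the namespace URI.
        if elem.tag.rsplit("}", 1)[-1] != "address":
            continue
        attr = {k: v.strip() for k, v in elem.attrib.items()}
        # Assumption: a missing ssltype attribute is treated as "None" (no SSL).
        ssltype = attr.get("ssltype", "None")
        port = urlparse(attr.get("location", "")).port
        if ssltype == "None" and attr.get("authentication") == "Simple":
            findings.append("CLEARTEXT_BIND")     # password crosses the network unencrypted
        if ssltype == "Enable SSL" and port in (None, 389):
            findings.append("SSL_ON_PLAIN_PORT")  # page note: URL must use a secure LDAP port
        if ssltype != "None" and attr.get("protocol") in OBSOLETE_PROTOCOLS:
            findings.append("OBSOLETE_PROTOCOL")
        # Any password present as a literal is readable by whoever can read the WSDL file.
        findings += ["LITERAL_SECRET:" + n for n in SECRET_ATTRS if attr.get(n)]
    return findings


if __name__ == "__main__":
    for finding in audit_ldap_address(SAMPLE_WSDL):
        print(finding)
```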

Binding Level WSDL Elements

The LDAP Binding Component binding level WSDL elements include the binding, operation, and message extensibility elements.

Binding elements define the file transport-specific information for operations and messages.

LDAP Binding Element

The LDAP binding extensibility element marks a binding as specific to the LDAP protocol. When you create a WSDL file for a BPEL project in the NetBeans IDE, the New WSDL Document Wizard generates the LDAP binding definition, which includes a name you specify and a type that is generated by the wizard.

The following example illustrates the LDAP binding element:

<binding name="LDAPBinding" type="tns:LDAPPortType">
    <ldap:binding/>
    ...
</binding>

LDAP Operation Element

The LDAP operation element defines the supported operations. For the LDAP Binding Component the operations that can be supported include the following:

The following example illustrates the LDAP operation element:

<binding name="LDAPBinding" type="tns:LDAPPortType">
    <ldap:binding/>
    <wsdl:operation name="LDAPSearchOperation">
        <ldap:operation type="searchRequest"/>
        ...

LDAP Output Element

The LDAP output element extends the binding element to specify properties associated with writing output messages. In the NetBeans IDE, select an ldap:output element to view and modify the output properties. The following table describes the available output properties.

Table 2 LDAP Output Element Properties

| Property | Description |
|---|---|
| returnPartName | The message part name that is returned. This is used in search operations. |
| attributes | A list of attributes to be retrieved. |