DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Please enter at least three characters to search
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

The software you build is only as secure as the code that powers it. Learn how malicious code creeps into your software supply chain.

Apache Cassandra combines the benefits of major NoSQL databases to support data management needs not covered by traditional RDBMS vendors.

Generative AI has transformed nearly every industry. How can you leverage GenAI to improve your productivity and efficiency?

Modernize your data layer. Learn how to design cloud-native database architectures to meet the evolving demands of AI and GenAI workloads.

Related

  • How Spring and Hibernate Simplify Web and Database Management
  • Functional Endpoints: Alternative to Controllers in WebFlux
  • Graceful Shutdown: Spring Framework vs Golang Web Services
  • Actuator Enhancements: Spring Framework 6.2 and Spring Boot 3.4

Trending

  • DGS GraphQL and Spring Boot
  • Immutable Secrets Management: A Zero-Trust Approach to Sensitive Data in Containers
  • How Kubernetes Cluster Sizing Affects Performance and Cost Efficiency in Cloud Deployments
  • Performing and Managing Incremental Backups Using pg_basebackup in PostgreSQL 17
  1. DZone
  2. Coding
  3. Frameworks
  4. Accessing Weblogic Embedded LDAP programmatically by Spring LDAP module

Accessing Weblogic Embedded LDAP programmatically by Spring LDAP module

By 
Boris Lam user avatar
Boris Lam
·
Sep. 06, 12 · Interview
Likes (1)
Comment
Save
Tweet
Share
11.0K Views

Join the DZone community and get the full member experience.

Join For Free

Original Article: http://borislam.blogspot.hk/2012/09/accessing-weblogic-embedded-ldap-with.html 

Oracle Weblogic Application Server includes an embedded LDAP server which acts as the default security provider data store. There are few methods to access the embedded LDAP server. Oracle Weblogic provides an administration console for user to access it. We can create user, create group or edit detail through this administration console.


We could also access the embedded LDAP programmatically. Using WLST (Weblogic Scripting tool) is a standard way to do it but you need have knowledge of Jython programming. Alternatively, if you want to access it through Java, you can programmatically call the Weblogic MBeans directly. However, this is not an easy task. You can see this link for more detail.


In this article, I will show you an alternative way to access the Weblogic Embedded LDAP programmatically with Spring-LDAP. If you are acquainted with Spring, you may find this method quite easy and useful. In the following example, we do simple operation like search user, create user and add user to group through spring "ldaptemplate".

 

 Step 1: Create WlsLdapUser class which represent a LDAP user.

import java.util.HashSet;
import java.util.Set;
import javax.naming.Name;
 
public class WlsLdapUser {
 private String dnFull;
 private String id;
 private String password;
 private Set<String> group;
 private Name dn;
  
 public String getId() {
   return this.id;
 }
  
 public void setId(String id) {
   this.id = id;
 }
  
 public String getPassword() {
   return this.password;
 }
  
 public void setPassword(String password) {
   this.password = password;
 }
 
  
 public Set<String> getGroup() {
   return this.group;
 }
  
 public void setGroup(Set<String> group) {
   this.group = group;
 }
  
 public void addToGroup(String group) {
   if (getGroup() == null)
     setGroup(new HashSet());
   getGroup().add(group);
 }
  
 public void setDnFull(String dn) {
   this.dnFull = dn;
 }
  
 public String getDnFull() {
   return this.dnFull;
 }
  
 public void setDn(Name dn) {
   this.dn = dn;
 }
  
 public Name getDn() {
   return this.dn;
 }
 
 @Override
 public String toString() {
  return "WlsLdapUser [dnFull=" + dnFull + ", id=" + id + ", password="+ password + ", group=" + group + ", dn=" + dn + "]";
 }
 

 

Step 2: Create a base class "BaseLdapRepository" for accessing the Weblogic Embedded LDAP

This class makes use of Spring's "ldapTemplate" for accessing the Weblogic Embedded LDAP. It encapsulates basic operations for accessing LDAP (e.g. delete LDAP attribute, replacing LDAP attribute, add LDAP attribute). The "ldapTemplate" is injected to the repository class by define in the XML in step 4.

import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
 
import org.springframework.ldap.core.ContextMapper;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.LdapTemplate;
 
public class BaseLdapRepository {
 
  private LdapTemplate ldapTemplate ;
 
  public void setLdapTemplate(LdapTemplate ldapTemplate)
  {
      this.ldapTemplate = ldapTemplate;
  }
   
   
  public LdapTemplate getLdapTemplate() {
   return ldapTemplate;
  }
 
  protected void deleteAttr(Name dn, String attrName) {
      List attributes = new ArrayList();
      Attribute attr = new BasicAttribute(attrName);
      ModificationItem item = new ModificationItem(3, attr);
 
      attributes.add(item);
      modify(dn, attributes);
  }
 
  protected void replaceAttr(Name dn, String attrName, String attrVal) {
      List attributes = new ArrayList();
      Attribute attr = new BasicAttribute(attrName);
      attr.add(attrVal);
      ModificationItem item = new ModificationItem(2, attr);
 
      attributes.add(item);
      modify(dn, attributes);
  }
 
  protected void addAttr(Name dn, String attrName, String attrVal) {
      List attributes = new ArrayList();
      Attribute attr = new BasicAttribute(attrName);
      attr.add(attrVal);
      ModificationItem item = new ModificationItem(1, attr);
 
      attributes.add(item);
      modify(dn, attributes);
  }
 
  private void modify(Name dn, List<ModificationItem> attributes) {
   getLdapTemplate().modifyAttributes(dn, (ModificationItem[])attributes.toArray(new ModificationItem[0]));
 
      attributes.clear();
  }
 
  public Map<String, String[]> getAttrsStartsWith(Name dn, String opAttr) {
      return (Map)getLdapTemplate().lookup(dn, new String[] { opAttr }, new ContextMapper()
  {
        public Object mapFromContext(Object ctx)
        {
          DirContextAdapter context = (DirContextAdapter)ctx;
          Attributes attrs = context.getAttributes();
          NamingEnumeration ids = attrs.getIDs();
          Map m = new HashMap();
          try {
            while (ids.hasMore()) {
              String id = (String)ids.next();
              System.out.println("id: " + id);
 
              m.put(id, context.getStringAttributes(id));
            }
          } catch (NamingException e) {
            e.printStackTrace();
          }
          return m;
        }
      });
  }
} 

 

Step 3: Create a repository class to access the Weblogic Embedded LDAP
In order to implement the create(), find(), addUserGroups() and getUserGroups() methods in this LDAP repository class, we must know some Weblogic specific attributes of the Embedded LDAP.

Each user in Embedded LDAP belongs the "top", "person", "origanizationalPerson",  "inetOrgPerson", "wlsUser" objectclass. Therefore, when we implement the create() method, we must make sure the user entry belongs to these objectClasses. Also, each user in Embedded LDAP is under the "People" organization unit (OU). Thus, we need to search under "ou=people" when we find a specific user.

When we add user to groups, we make use of the "uniquemember" attribute in the group entry. On the contrary, when want to know the groups in which a specific user belongs to, we make use if the "wlsMemberOf" attribute in user entry. 

import java.util.Map;
import java.util.ArrayList;
import javax.naming.Name;
import org.apache.commons.lang.StringUtils;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.support.AbstractContextMapper;
import org.springframework.ldap.filter.EqualsFilter;
 
 
public class WlsLdapUserRepository extends BaseLdapRepository {
  
 protected DistinguishedName buildDn(WlsLdapUser user) {
     return buildDn(user.getId());
 }
     
 protected DistinguishedName buildDn(String uid) {
     DistinguishedName dn = new DistinguishedName();
     dn.add("ou", "people");
     dn.add("cn", uid);
     return dn;
 }
  
 protected DistinguishedName buildDnGroup(String cn)
 {
     DistinguishedName dn = new DistinguishedName();
    dn.add("ou", "groups");
     dn.add("cn", cn);
     return dn;
 }
  
 public void addToGroup(String dn, String gid) {
      DistinguishedName gdn = buildDnGroup(gid);
  
      super.addAttr(gdn, "uniquemember", dn);
 }
  
 public WlsLdapUser create(WlsLdapUser user)
 {
     Name dn = buildDn(user);
     DirContextAdapter context = new DirContextAdapter(dn);
     context.setAttributeValues("objectclass", new String[] { "top", "person", "inetOrgPerson", "organizationalPerson", "wlsuser" });
     context.setAttributeValue("cn", user.getId());
     context.setAttributeValue("sn", user.getId());
     context.setAttributeValue("uid", user.getId());
     context.setAttributeValue("userPassword", user.getPassword());
     getLdapTemplate().bind(dn, context, null);
     user = find(user.getId());
     return user;
 }
  
 public WlsLdapUser find(String uid) {
     WlsLdapUser user;
     try {      
      user = (WlsLdapUser)getLdapTemplate().searchForObject("ou=people", new EqualsFilter("uid", uid).toString(), new WlsUserContextMapper());
     }
     catch (Exception e)
     {
       e.printStackTrace();
       return null;
     }
     return user;
 }
    
 public List<String> getUserGroups(WlsLdapUser user) {
  Map<String, String[]> groupMmap = null;
  String[] groupMapArray = null ;
  ArrayList<String> results = new ArrayList<String>();
  groupMmap = this.getAttrsStartsWith(user.getDn(), "wlsMemberOf");
  groupMapArray = groupMmap.get("wlsMemberOf");
  if (groupMapArray.length >0) {
    String[] allGroups= StringUtils.split(groupMapArray[0], ",");
    for (String s:allGroups){
     if (StringUtils.contains(s, "cn=")) {
      String aGroup = StringUtils.remove(s,"cn=");
      results.add(aGroup);  
     }
    }
  }
  return results;
 }
  
 private static  class WlsUserContextMapper extends AbstractContextMapper
 {
     protected Object doMapFromContext(DirContextOperations context)
     {
      WlsLdapUser user = new WlsLdapUser();
      user.setId(context.getStringAttribute("uid"));
      user.setDnFull(context.getNameInNamespace());
      user.setDn(context.getDn());
      return user;
     }
 }
}
 

 

 

Step 4: Add your spring application context XML file

The connection details to the Embedded LDAP is put inside this file.

<bean id="contextSource" class="org.springframework.ldap.core.support.DirContextSource">
 <property name="url" value="ldap://127.0.0.1:7001">
 </property>
 <property name="userDn" value="cn=Admin"> 
 </property>
 <property name="password" value="welcome1">
 </property>
 <property name="base" value="ou=myrealm,dc=base_domain">
 </property>
</bean>
 
<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
 <constructor-arg ref="contextSource" />
</bean>
 
<bean id="wlsLdapUserRepository" class="org.borislam.ldap.repository.WlsLdapUserRepository">
 <property name="ldapTemplate" ref="ldapTemplate" /></bean>

 

 

Step 5: Test your application with the following code

 

@Named
public class TestLdapService {
 @Inject
 private WlsLdapUserRepository wlsLdapUserRepository;
  
 public void createWlsUser(){
  WlsLdapUser u = new WlsLdapUser();
     u.setId("leonardmessi");
     u.setPassword("welcome1");
     u = this.wlsLdapUserRepository.create(u);
     this.wlsLdapUserRepository.addToGroup(u.getDnFull(), "testGroup");
     this.wlsLdapUserRepository.addToGroup(u.getDnFull(), "Administrators");
  System.out.println("create user :" + u.toString());
 }
  
 public void findWlsUser(String userId){
  WlsLdapUser u = this.wlsLdapUserRepository.find(userId);
  System.out.println("create user :" + u.toString());
 }

After adding the user, you can see the user created by the above program through the Weblogic administration console. Besides, you can also verify by directly login the newly created user "leonardmessi" with password "welcome1".

 

 

 

 

Spring Framework

Opinions expressed by DZone contributors are their own.

Related

  • How Spring and Hibernate Simplify Web and Database Management
  • Functional Endpoints: Alternative to Controllers in WebFlux
  • Graceful Shutdown: Spring Framework vs Golang Web Services
  • Actuator Enhancements: Spring Framework 6.2 and Spring Boot 3.4

Partner Resources

×

Comments
Oops! Something Went Wrong

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends:

Likes
There are no likes...yet! 👀
Be the first to like this post!
It looks like you're not logged in.
Sign in to see who liked this post!