Why is LDAP used?
LDAP is used for accessing a directory which can consist of a set of objects, users, groups, login, passwords, permissions etc. Its practical use is more in terms of authentication and access control mechanism. LDAP also provides add, delete, search, modify operations. LDAP is not considered as a standard relational database.
LDAP stores the attribute based data and they are generally read specific data. The entries in LDAP are maintained in tree like structure Directory Information Tree (DIT).
OpenDS is simple Java based open source directory service software which implements LDAP. In today’s series we will explore this product for demonstration of the LDAP server.
Let’s try to do a hands on exercise on how to install and configure OpenDS.
OpenDS software can be downloaded from https://opends.java.net/ link the OpenDS2.2 version.
Install OpenDS2.2 by clicking “setup.bat”.
Click the option “Install new server instance”.
Under Server Settings option Add the Host name matches the host name mentioned the config file of your application server. In this case we will use “localhost”. Fill up rest of the details along with the password.
In case of Topology option select this as a Standalone server.
Leave the default options of Directory base DN to dc=example, dc=com
Review and Finish
Launch Control Panel.
You can launch the control panel from the Finish Wizard or you can go to directory OpenDS\bat and execute the command control-panel.bat.
The control-panel.bat will open the Directory server control panel.
Add users – To add users in the LDAP directory click on Manage Entries option.
Right click on the dc=example, dc=com to add New User
In the New User panel add the details of the new user.
In this case the common name is admin.
We can also create a new group by using the New Group option and assign the created users to this group.
dn – Each entry in the LDAP will have an unique identifier or distinguished name (DN).
cn – Common Name
sn – Surname
dc – Domain Component
ou – Organisational Unit
o – Organisation
st – State
l – Location
c – Country
We can also try various other LDAP servers available in the market including Active Directory (Microsoft), Apache Directory Server, IBM Tivoli Directory Server, OpenDJ, OpenLDAP among others.
In our next series we will try to explore how to use the LDAP server from JEE applications and apply security features in JEE based web application. Keep watching this space.