NAME
AxKit::XSP::LDAP - LDAP tag library for AxKit eXtensible Server Pages.
SYNOPSIS
Add the ldap: namespace to your XSP <xsp:page> tag:
<xsp:page
language="Perl"
xmlns:xsp="http://apache.org/xsp/core/v1"
xmlns:ldap="http://www.apache.org/2000/LDAP"
>
And add this taglib to AxKit (via httpd.conf or .htaccess):
AxAddXSPTaglib AxKit::XSP::LDAP
DESCRIPTION
This tag library provides support for retrieving records from LDAP servers from within XSP. It is based on the Cocoon LDAP taglib described at http://opensource.socialchange.net.au/ldaptaglib/docs/. Several parts of the Java taglib are not relevant in Perl; they are noted below.
TAG DESCRIPTIONS
Note that below we use the ldap: prefix as a convention; however, you can use whatever prefix you like, provided it is mapped to the appropriate namespace.
- <ldap:execute-query>
This is the required 'wrapper' element that declares your connection. All of the following tags will be children of this tag.
- <ldap:server-url>
This defines the URL of the server to connect to. This is currently only used to get the hostname.
Specifying a server-url of...
<ldap:server-url>ldap://ldap.openldap.org/</ldap:server-url>
will direct the system to ldap.openldap.org port 389 for requests.
The current version of this taglib does not implement extended URL information such as specifying the port, or trailing the base DN after the hostname. These will be implemented in a future release.
- <ldap:query>
This defines the query to send to the remote LDAP server.
<ldap:query>(cn=Thompson)</ldap:query>
Will pull back all records (limited by <ldap:count-limit> below) with a cn entry of Thompson.
LDAP queries use the & character to denote a logical AND of search strings.
<ldap:query>(&(cn=Thompson) (ou=Development))</ldap:query>
This is, of course, bad XML, as it will try to make the & into an entity. In this case you should escape the & as &amp; such as...
<ldap:query>(&amp;(cn=Thompson) (ou=Development))</ldap:query>
- <ldap:scope>
This sets the LDAP search scope. Valid values are "base", "sub" and "one".
This defaults to "sub" if not included.
- <ldap:deref-link>
This determines whether the LDAP server is asked to dereference aliases and referrals. Valid values are "true" and "false". The default value is "true".
- <ldap:driver>
This tag is ignored, and is included for completeness of the Java spec.
- <ldap:search-base>
This tag sets the base entry for the query.
- <ldap:count-limit>
This tag sets a limit on the number of records returned by the server. If set to 0, all matching records are returned. The default is 0.
- <ldap:time-limit>
This tag sets a time limit on the query in milliseconds. If set to 0, no limit is set. The default is 0.
- <ldap:attributes>
This tag specifies a comma separated list of attributes to return from the LDAP server. For example...
<ldap:attributes>cn,ou,mail,sn,title</ldap:attributes>
Will return the cn, ou, mail, sn, and title attributes for any records which match the query. The default value for this is '*', which will cause the LDAP server to return its default set of attributes, as defined on the server side by whatever LDAP schema it uses.
- <ldap:binary-attributes>
This tag is currently unimplemented and will be available in the next release. It will be blissfully ignored.
- <ldap:relative-dn>
This tag is currently unimplemented and will be available in the next release. It will be blissfully ignored.
- <ldap:result-format>
This tag is currently unimplemented and may be available in a future release. It will be blissfully ignored.
- <ldap:doc-element>
This tag is used to set the name of the tag which will wrap the result set. The default value is "ldapsearch".
- <ldap:entry-element>
This tag is used to set the name of the tag which will wrap each record retrieved from the server. The default value is "searchresult".
- <ldap:id-attribute>
This tag is used to set the name of the attribute which will be used in every entry-element tag in the result set.
The default value is "ID".
Assuming you haven't changed the name of the entry-element, a record retrieved from the server will look like...
<ldapsearch>
  <searchresult ID="...record DN...">
    ... Data ...
  </searchresult>
</ldapsearch>
Giving the tag...
<ldap:id-attribute>foo</ldap:id-attribute>
would make the second line of that example read...
<searchresult foo="...record DN...">
- <ldap:error-element>
This tag is currently unimplemented and may be available in a future release. It will be blissfully ignored.
- <ldap:debug>
This tag is currently unimplemented and may be available in a future release. It will be blissfully ignored.
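For the <ldap:query> tag described above, the following added example (not part of AxKit::XSP::LDAP; the helper names are hypothetical) builds the element content so that the & of an AND filter is written as an XML entity. It goes beyond the page by also escaping filter metacharacters in values per RFC 4515, on the assumption that a value may come from request data rather than being typed into the page.

```perl
#!/usr/bin/perl
# Added example, not code from AxKit::XSP::LDAP. Helper names are hypothetical.
use strict;
use warnings;

# Escape a value for use inside an LDAP search filter (RFC 4515):
# NUL, '(', ')', '*' and '\' become a backslash followed by two hex digits.
sub escape_filter_value {
    my ($value) = @_;
    $value =~ s/([\x00()*\\])/sprintf('\\%02x', ord $1)/ge;
    return $value;
}

# Escape text for XML element content, so '&' in a filter becomes '&amp;'.
sub escape_xml_text {
    my ($text) = @_;
    $text =~ s/&/&amp;/g;    # must run first, before other entities are added
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    return $text;
}

# Build a filter from attribute => value pairs, ANDed in the order given.
sub and_filter {
    my @pairs = @_;
    my @terms;
    while (my ($attr, $value) = splice(@pairs, 0, 2)) {
        # Attribute names are restricted to a conservative character set.
        die "bad attribute name: $attr\n"
            unless $attr =~ /^[A-Za-z][A-Za-z0-9-]*$/;
        push @terms, sprintf('(%s=%s)', $attr, escape_filter_value($value));
    }
    return @terms == 1 ? $terms[0] : '(&' . join('', @terms) . ')';
}

# Constructed sample values; the second contains filter metacharacters
# that would change the meaning of the filter if left unescaped.
for my $cn ('Thompson', 'Thomp*)(uid=*') {
    my $filter = and_filter(cn => $cn, ou => 'Development');
    printf "<ldap:query>%s</ldap:query>\n", escape_xml_text($filter);
}
```

The filter escaping is applied first and the XML escaping last, since the XML layer is the outermost encoding the XSP parser removes before the filter reaches the LDAP server.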
EXAMPLE
If an LDAP server has the following data...
dn: cn=Bob Smith, ou=People, dc=server,dc=com
cn: Bob Smith
cn: Robert J. Smith
sn: Smith
mail: bob.smith@server.com
title: Manager
telephoneNumber: +1 202 555 5252
facsimileTelephoneNumber: +1 202 555 2329
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson

dn: cn=Barney Smith, ou=People, dc=server,dc=com
cn: Barney Smith
cn: Barney Q. Smith
sn: Smith
title: Janitor
mail: barney.smith@server.com
telephoneNumber: +1 202 555 5050
facsimileTelephoneNumber: +1 202 555 2020
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
You can query for all records with sn=Smith (sn is LDAP for surname).
<?xml version="1.0" encoding="ISO-8859-1" ?>
<xsp:page language="Perl"
  xmlns:xsp="http://www.apache.org/1999/XSP/Core"
  xmlns:ldap="http://www.apache.org/2000/LDAP"
>
<page>
  <ldap:execute_query>
    <ldap:server_url>ldap://ldap.server.com</ldap:server_url>
    <ldap:query>(sn=Smith)</ldap:query>
    <ldap:doc-element>demoresults</ldap:doc-element>
    <ldap:id-attribute>UserDN</ldap:id-attribute>
    <ldap:scope>sub</ldap:scope>
    <ldap:deref_link>true</ldap:deref_link>
    <ldap:count_limit>1</ldap:count_limit>
    <ldap:attributes>cn,title,mail</ldap:attributes>
  </ldap:execute_query>
</page>
</xsp:page>
The resulting XML will look like
<?xml version="1.0" encoding="UTF-8"?>
<page>
  <demoresults>
    <searchresult UserDN="cn=Bob Smith, ou=People, dc=server,dc=com">
      <cn>Bob Smith</cn>
      <cn>Robert J. Smith</cn>
      <mail>bob.smith@server.com</mail>
      <title>Manager</title>
    </searchresult>
    <searchresult UserDN="cn=Barney Smith, ou=People, dc=server,dc=com">
      <cn>Barney Smith</cn>
      <cn>Barney Q. Smith</cn>
      <mail>barney.smith@server.com</mail>
      <title>Janitor</title>
    </searchresult>
  </demoresults>
</page>
DISCLAIMER
I make no claims at being an XSP or LDAP expert. This is very much a work in progress.
AUTHOR
Chris Thompson, chris@logimeta.com.
Original Cocoon taglib by Alain Ketterlin and Jeff Turner.
COPYRIGHT
Copyright 2002 Christopher A. Thompson. You may use this module under the same terms as Perl itself.
SEE ALSO
http://logimeta.com/software/xsp/LDAP/
AxKit, Net::LDAP, Apache::AxKit::Language::XSP, the AxKit.org pages at http://axkit.org/.