Creating an LDAP server for your development environment in 5 minutes
June 13th, 2011 by Micha Kops
I am currently working on a plugin that needs
to receive some information from an LDAP/Active Directory using JNDI. That's
why I needed to set up a directory server in a short time, and I didn't want to
waste much effort on it.
Luckily for me, the Apache Directory Studio saved my day and allowed me to set
up everything I needed in a few minutes.
Short and sweet: In this tutorial I'm going to show you how to configure
everything you need in your Eclipse IDE and finally how to query the created
LDAP server with a tiny Java client using JNDI.
Prerequisites
You'll need Java, Eclipse and that's all ..
Java Development Kit 6
Eclipse IDE
Apache Directory Studio Setup
First we're going to install Apache Directory Studio as an Eclipse plugin ..
Install Eclipse Plugin
Install the plugin using the update
site http://directory.apache.org/studio/update/2.x
You should at least install Apache Directory Studio Apache DS, Apache
Directory Studio LDAP Browser and Apache Directory Studio LDIF
Editor here .. or just install everything .. it won't hurt ..
If you're totally unfamiliar with installing a plugin in Eclipse, there is a
detailed installation guide for you on the Apache Directory Studio website.
Apache DS Eclipse Plugin Installation
Create a new LDAP server
Now we want to create a new LDAP server for development ..
Open the server view by going: Menubar > Window > Show View > Other
> Apache DS > Servers
Creating a new LDAP server in Eclipse IDE
Right-click in the server view and select New > New server
Enter a name for the server, e.g. ldap-devel, and finish
You should see your newly created server in the server view
Start your LDAP server by right-clicking it and selecting run .. after a short time the
server's status should have changed to started
Viewing the LDAP server status in Eclipse
If you take a look at the server's current configuration you'll see that the
server is configured for the host name ldap.example.com
Creating a connection to the server
We need a connection for the following data import and to query our directory
server
Just right-click on the server in the server view and select LDAP-Browser >
Create a connection and let the IDE switch to the LDAP Perspective
In the LDAP perspective there's the LDAP Browser, an outline for the
directory structure, the connection and server views and the directory
logs
Import sample data from a LDIF file
Now we need some data in our directory server; we don't query it for fun!
We're going to import some data from an LDIF file .. just copy the
following content, save it to a file and open it in the perspective. It is
important that the last line in the LDIF file is an empty line/newline.
dn: dc=example,dc=com
objectClass: domain
objectClass: top
dc: example

dn: ou=Users,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Users

dn: ou=Groups,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Groups

dn: cn=Micha Kops,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Micha Kops
sn: Kops
uid: mkops
userPassword:: abcdefg

dn: cn=Santa Claus,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Santa Claus
sn: Claus
uid: sclaus
userPassword:: abcdefg

dn: cn=John Steinbeck,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: John Steinbeck
sn: Steinbeck
uid: jsteinbeck
userPassword:: abcdefg

In the editor click on Browse and select your current connection
Then click on Execute LDIF; now we've got some more content in our
directory and you are able to see it in the Outline view
Connecting to the LDAP server in Eclipse
The imported data in the LDAP outline view
Querying in the LDAP perspective
Now let's run a sample query for all users using the LDAP Browser's search
feature: Click on Searches > New > New Search
Querying the LDAP server
Viewing the result of the LDAP query in Eclipse
Running a query using Java and JNDI
Now we want to query the directory for existing users using JNDI .. and our
program should output
I've created a simple new Java project in Eclipse containing this one class
named LdapQuery
package com.hascode.tutorial.ldap;

import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class LdapQuery {
    public static void main(String[] args) throws NamingException {
        // Connection settings for the local development server created above.
        // uid=admin,ou=system / secret is the ApacheDS default administrator
        // account, which is only suitable for a local development server.
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://127.0.0.1:10389/");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
        env.put(Context.SECURITY_CREDENTIALS, "secret");

        DirContext ctx = new InitialDirContext(env);
        try {
            // Search the whole subtree below ou=Users for person entries
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            NamingEnumeration<SearchResult> enumeration = ctx.search(
                    "ou=Users,dc=example,dc=com", "(objectClass=person)",
                    searchControls);
            while (enumeration.hasMore()) {
                SearchResult result = enumeration.next();
                Attributes attrs = result.getAttributes();
                // Attribute.toString() prints "name: value", e.g. "cn: Micha Kops"
                System.out.println(String.format("User found.. %s, %s",
                        attrs.get("cn"), attrs.get("uid")));
            }
        } finally {
            // Release the LDAP connection even if the search fails
            ctx.close();
        }
    }
}
Run the class and you should see the following output
User found.. cn: Micha Kops, uid: mkops
User found.. cn: Santa Claus, uid: sclaus
User found.. cn: John Steinbeck, uid: jsteinbeck
Test the LDAP Server Connection
You can use Oracle ATG Web Commerce's LDAP server connection tool to test whether the JNDI environment
properties in the InitialContextEnvironment component are configured appropriately for your server.
To test the connection to the LDAP server, do the following:
1. Update the file below with your LDAP connection details:
C:\ATG\ATG11.1\DAS\LDAP\MicrosoftActiveDirectory\config\atg\dynamo\security\InitialContextEnvironment.properties
2. From the command line, switch to the following directory:
<ATG10dir>/DAS/LDAP/lib
3. Issue the following command:
For Active Directory:
java -classpath ./ldap.jar LDAPConnection MicrosoftActiveDirectory
For Oracle Directory Server:
java -classpath ./ldap.jar LDAPConnection iPlanetDirectory
If Oracle ATG Web Commerce connects successfully to your LDAP server, it displays this message:
Successfully Created Context:
javax.naming.directory.InitialDirContextcontext_number
Troubleshooting the Server Connection
If Oracle ATG Web Commerce does not connect to your LDAP server, it displays one of the following error
messages:
Error Message: The following Error Occurred: javax.naming.CommunicationException: <host:port>. Root exception is java.net.NoRouteToHostException: Operation timed out: no further information
InitialContextEnvironment Property to Modify: providerURL

Error Message: The following Error Occurred: javax.naming.AuthenticationNotSupportedException: SASL support not available:<value>
InitialContextEnvironment Property to Modify: securityAuthentication

Error Message: Bad Username and/or Password: javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
InitialContextEnvironment Property to Modify: securityPrincipal and/or securityCredentials
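
The error-to-property mapping above can be reproduced with plain JNDI. This is an added example, not Oracle's LDAPConnection tool and not code from the tutorial; the class and method names are hypothetical, and the connection values are those of the ApacheDS development server configured earlier.

```java
import java.util.Hashtable;

import javax.naming.AuthenticationException;
import javax.naming.AuthenticationNotSupportedException;
import javax.naming.CommunicationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

// Added example; LdapConnectionCheck and its methods are hypothetical names.
public class LdapConnectionCheck {
    // Maps a failed bind to the setting to review, following the table above.
    static String settingToReview(NamingException e) {
        if (e instanceof CommunicationException) return "providerURL";
        if (e instanceof AuthenticationNotSupportedException) return "securityAuthentication";
        if (e instanceof AuthenticationException) return "securityPrincipal and/or securityCredentials";
        return "unknown (" + e.getClass().getName() + ")";
    }

    // Tries to bind with the given settings; returns null on success.
    // The credentials are never written to the output.
    static String check(String url, String auth, String principal, String credentials) {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, auth);
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, credentials);
        // Fail fast instead of hanging when the host is unreachable (milliseconds).
        env.put("com.sun.jndi.ldap.connect.timeout", "3000");
        try {
            DirContext ctx = new InitialDirContext(env);
            ctx.close();
            return null;
        } catch (NamingException e) {
            return settingToReview(e);
        }
    }

    public static void main(String[] args) {
        // Settings of the tutorial's development server.
        String hint = check("ldap://127.0.0.1:10389/", "simple", "uid=admin,ou=system", "secret");
        System.out.println(hint == null ? "Successfully created context" : "Review: " + hint);
    }
}
```

With no directory server listening on the port, the check reports providerURL, matching the first row of the table.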