Understanding the LDAP Binding Component

Supporting Features in LDAP Binding Component

LDAP Binding Component allows anonymous and authenticated connections. Users can perform numerous tasks when connected to an external LDAP system. These tasks include adding an entry, adding an attribute, and adding a value. Similarly, users have the privileges to modify, delete and search for a value, and attribute entry.

The following features are supported in the LDAP Binding Component.

  1. Standard JBI Binding Component

    1. Component Installation

    2. Component lifecycle Management: Install, Start, Stop, Shutdown, and Un-install

    3. Service Unit lifecycle Management: Deploy, Start, Stop, Shutdown, and Un-deploy

    4. Service Assembly Generation

    5. Support Component Status Monitoring

    6. Installation Time Configuration

    7. Run-time Configuration

    8. Service Provisioner and Consumer

  2. LDAP Features

    1. Anonymous Connection

      Anonymous Connections are those that are not categorized as authenticated, trusted, suspect, or blocked.

    2. Add Entry Node

      Use the AddEntry node to add entries to a directory. There are different options available when adding an entry. Specify the name of the entry to add (RDN relative to the initial context), an entry with its attributes and values for each attribute.

    3. Add Attribute Value

      Use the Add Attribute Value to modify the values or attributes.

    4. Add Value

      Use Add Value to add any value to any attribute of an entry.

    5. Remove Attribute

      Use the Remove Attribute to remove attributes from an entry.

    6. Remove Value

      Use Remove Value to remove values from any attribute of an entry.

    7. Replace Value

      Use the Replace Value to replace all the existing values of any attribute with any new value for an entry.

    8. Search

      Use Search to perform searches for an entry or multiple entries of the LDAP directory.

    9. Search Referral

      This feature helps you to search for an attribute among many LDAP servers. Set up the LDAP referral to another LDAP server. This means after the search fails to locate the search string on one server, it automatically searches over the referred server.

      1. Credential File

        A credential file contains the appropriate referral credentials. Use the RCF command line utility to generate the credential file.

      2. Ignore

        Use the Ignore attribute to ignore the referral server.

      3. Follow

        User the Follow attribute to connect to the referred system and continue the search operation.

      4. Throw

        Use this attribute to generate a referral exception, which the client can catch and initiate any action.

    10. Search

      The Search corresponds to performing searches for an entry or multiple entries of the LDAP directory.


        The OBJECT_SCOPE method defines the search method only within the named object that is defined with ContextName. The object scope essentially compares the named object for some particular attribute and/or value.

        Object Scope

        The ONELEVEL_SCOPE method defines the search method for entries that are one level below the named object.

        One Level Scope

        The SUBTREE_SCOPE method defines the search method for all entries starting from the named object and all descendants below the named object.

        SubTree scope
      4. Search Filter

        Use the Search filter to specify the context or the first entry for the search, the scope of the search, or any other search criteria and the boundaries to which the search is limited.

      5. Page Control

        The Page control specifies a collection of control that are set.

      6. Sort

        Use Sort to request for the search values to be sorted as per the specified attributes. Set the Sort Attributes field with a pipe (|) separated character string consisting of attributes to use sort control.

        Example: Set SortAttributes with the string cn|mail to sort entries by cn and later by mail..

    11. Security

        The LDAP server stores user names and passwords. Hence all transactions have to be secure. The following are configured with the LDAP Binding Component:

      1. Secure Socket Layer (SSL)

        Secure Socket Layer (SSL) is a cryptographic protocol that provides privacy and data integrity for communications over TCP/IP networks such as the Internet.

      2. Transport Layer Security (TLS)

        Transport Layer Security (TLS) is a cryptographic protocol that provides privacy and data integrity for communications over TCP/IP networks such as the Internet.

      3. TLS on Demand

        Selecting this option allows users to establish an SSL connection on demand.

        • The startTLS

          Use the startTLS function to initiate a secure SMTP connection between two servers using the Secure Sockets Layer (SSL) (also known as TLS).

          Once the connection is established all future communication between the two servers is encrypted.

        • The stopTLS

          Use the stopTLS function to stop an SMTP connection between two servers using the Secure Sockets Layer (SSL) (also known as TLS).

      4. KeyStore and TrustStore Management

        The Keystore is used for key or certificate management when establishing SSL connections.

        The TrustStore is used for CA certificate management when establishing SSL connections.

      5. Credential File Management

        The Credential File Management feature allows users the credentials needed when authenticating log-ins other than anonymous log-in

    12. WSDL 1.1 Wrapper Support in ME Normalizer and Denormalizer

    13. WSDL Extensibility Element

    14. Thread Management

    15. Connection Management

    16. Fault Handling

    17. Component Logging

  3. NetBeans Plug-in

    1. LDAP WSDL Extensibility Element Support

    2. Design-time WSDL Validation

    3. LDAP WSDL Generator/Wizard

    4. Composite Application Integration

    5. Code Completion

  4. Systemic Qualities

    System requirements come in two basic forms: functional and nonfunctional. Functional requirements define what a system does. These include event driven capabilities which provide specific observable functions to users of the system. Nonfunctional requirements on the other hand, use pervasive nonfunctional qualities like reliability, availability, and security, to define a system functionality.

    1. Application Variables

    2. Application Configuration

      This feature is used when the application is deployed and configuration of the WSDL takes place. This can be done through Application Configuration without redeploying the application.

    3. Custom GUI Configuration

    4. Logging

      Logging varies based on the situation:

      • Administrators can use the log to monitor system state, monitor for errors, and troubleshoot errors

      • Application developers can use the log additionally to troubleshoot their own application code

      • Support, sustaining and development can use the log to troubleshoot the product code

    5. Password Handling

      Security often plays a role in interacting with various external systems, protocols, and implementations. Security may take the form of authorization, authentication, or encryption. The Password Handling feature also provides a common mechanism for components that need to handle authorization and authentication through the use of user names and passwords.

    6. Common Fault, Error Strategy

      Establish a common fault or error framework. This ensures consistency in fault behavior and content.

    7. Runtime Monitoring

      The user has the provision to monitor the component and the application. After deploying and starting the server, it provides statistics like endpoint statistics, component statistics and performance measurement.

    8. Recovery

      The recovery feature helps components to recover from failure gracefully. This includes failure of other components internally and externally. It can also deal with faults or errors in a manner that does not compromise message reliability.

    9. Dynamic Addressing

      Use Dynamic addressing to extend the scope of an application dynamically through dynamic addressing or invocation.

  5. New Features

    1. Binding Configuration Panel

    2. LDAP Search Page Control

    3. LDAP Data Interchange Format (LDIF) File Parser

    4. LDAP Custom Control

    5. Wizard Re-factoring to describe Multiple Operations

    6. Fix Add Operation (wizard and runtime) to Return Results

    7. Multiple Operation Support

      The LDIF parser implementation allows creating a WSDL from a LDIF file, The WSDL can be created with all the four operations in the same WSDL.

Platform Support

    The following operating systems are supported:

  1. Microsoft Windows XP Professional SP2 32–bit

  2. Red Hat Linux AS4 64–bit

  3. Sun Microsystems Solaris 10 SPARC 64–bit

  4. Microsoft Windows XP SP3 32–bit

  5. Microsoft Windows 2003 R2 SP2 32–bit

  6. Microsoft Windows Vista Business SP1 32–bit

  7. Microsoft Windows 2000 SP4 32–bit

  8. Sun Microsystems Solaris 10 64–bit (X86)

  9. Sun Microsystems Open Solaris 10 32–bit (X86)

  10. Sun Microsystems Solaris 9 SPARC (64–bit)

  11. Red Hat Linux AS4 32–bit

  12. Open Solaris 2008

Server Support

LDAP Binding Component is certified to work with the following servers-