Understanding the LDAP Binding Component

LDAP BC WSDL Configuration

When you use the New WSDL Document Wizard for the LDAP BC, it generates a WSDL document that includes all of the required elements and the configuration information you entered in the wizard. You can use the WSDL Editor to view and modify the configuration you defined. The elements you are most likely to configure are the service level WSDL elements and binding level WSDL elements. The following topics describe working with the WSDL document and the elements specific to the LDAP BC.

For an example of how to use the New WSDL Document Wizard for LDAP, see Creating a WSDL Document in Using the LDAP Binding Component in a Project.

Viewing the LDAP WSDL Document

In the WSDL view of the WSDL Editor, the WSDL file appears as a tree component or a series of columns. The WSDL view has two subviews: tree view and column view. To switch between the subviews, use the buttons in the WSDL Editor toolbar. The main nodes in the WSDL view correspond to the major elements in a WSDL file.

To Add Extension Attributes

Some of the nodes in the WSDL view allow you to add extension attributes.

  1. Right-click the node and choose Add Extension Attribute.

  2. Specify the name and namespace in the Add Extension Attribute dialog box.

  3. Specify the value from the Properties window after adding the attribute.

  4. To delete an extension attribute, right-click the node and choose Remove Attributes.

Service Level WSDL Elements

The service WSDL element contains the LDAP directory address element, ldap:address. The attributes of ldap:address configure the LDAP BC's connectivity to the directory and its security settings: login information, SSL/TLS settings, authentication type, and so on.

When you create a WSDL file in the NetBeans IDE, the New WSDL Document Wizard generates the address service definition. You can then edit the attributes of the address service. The following table describes the attributes available for this service.

Table 1 LDAP Address Element Attributes

Attribute 

Description 

location 

The connection URL for the LDAP server in the format ldap://hostname:port.

principal 

The LDAP principal (user name) needed when using an authentication method other than anonymous login. Use the fully qualified DN (Distinguished Name) of the user; for example, CN=Administrator,CN=Users,DC=sun,dc=com.

credential 

The credentials (password) needed when using an authentication method other than anonymous login. 

ssltype 

The type of SSL connection to use. Enter one of the following: 

  • None: A simple plain connection that does not use SSL.

  • Enable SSL: Communication to the LDAP server uses an SSL secure communication channel.

  • TLS On Demand: Communication to the LDAP server starts on the plain connection and is upgraded to TLS on demand.


Note –

If you use Enable SSL, the URL must point to a secure LDAP port (636 is the registered port for LDAP over SSL/TLS), not to the plain LDAP port.


authentication 

The authentication method to be used. Enter one of the following: 

  • None: No credentials are presented (anonymous bind). Make sure the LDAP server permits anonymous logins.

  • Simple: Authentication is based on a user name and password. If you select this option, enter the user name in the principal attribute and the password in the credential attribute. Always set a non-empty credential: LDAP servers treat a simple bind with a DN and an empty password as an unauthenticated bind rather than as an error (RFC 4513, section 5.1.2).

protocol 

The SSL/TLS protocol to use when establishing an SSL connection with the LDAP server. Enter TLS, TLSv1, SSLv3, SSLv2, or SSL. SSLv2 and SSLv3 are obsolete and insecure; use TLS unless the directory server cannot negotiate it.

truststore 

The path and name of the TrustStore file, which is used for CA certificate management when establishing SSL connections. 

truststorepassword 

The TrustStore password for accessing the TrustStore used for CA certificate management when establishing SSL connections. 

truststoretype 

The TrustStore type used for CA certificate management. If no type is specified, the application uses JKS as the default type. 

keystore 

The path and name of the KeyStore file. The KeyStore is used for key/certificate management when establishing SSL connections. 

keystorepassword 

The KeyStore password for accessing the KeyStore used for key/certificate management when establishing SSL connections. 

keystoreusername 

The user name for accessing the keystore when establishing SSL connections. 

keystoretype 

The default keystore type, which is used for key/certificate management when establishing SSL connections. If no type is specified, the application uses JKS as the default type. 

tlssecurity 

An indicator of whether TLS security is enabled. Enter NO if TLS security is not used; enter YES if it is used.

The following example illustrates the LDAP service element:


<service name="LDAPService">
    <wsdl:port name="LDAPPort" binding="tns:LDAPBinding">
        <ldap:address location="ldap://ldapServer1:636"
                      principal="cn=Manager,dc=sun,dc=com"
                      credential="admin"
                      truststorepassword="trustadmin"
                      truststoretype="JKS"
                      keystore="C:\security\ldap\keystore.jks"
                      keystorepassword="keystoreadmin"
                      keystoreusername="keystore"
                      keystoretype="JKS"
                      tlssecurity="NO"
                      ssltype="Enable SSL"
                      authentication="Simple"
                      truststore="C:\security\ldap\trust.jks"
                      protocol="SSL"
        />
    </wsdl:port>
</service>
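Several of the ldap:address attributes only make sense in combination: Enable SSL needs a secure port in location, protocol should not name an obsolete SSL version, Simple authentication needs a non-empty credential, and a principal is pointless with authentication None. The following Python script is an added example, not code from the LDAP Binding Component or the NetBeans WSDL Editor: it parses an LDAP BC WSDL, locates each ldap:address element, and reports weak combinations of the attributes described in the table above. Because this page does not state the URI of the ldap extension namespace, the parser matches elements by local name only; the sample WSDL, its namespace URIs, and the truststore path in the hardened address are constructed for the example.

```python
"""Lint the ldap:address attributes of an LDAP BC WSDL for weak settings.

Added example; not part of the LDAP Binding Component.  Only the
attributes documented on this page are inspected.
"""
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample (not a real deployment): the service element shown
# above with a plain port and an obsolete protocol, wrapped in a minimal
# definitions root.  The ldap: namespace URI is a placeholder (assumption).
SAMPLE_WSDL = """<?xml version="1.0" encoding="UTF-8"?>
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
             xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
             xmlns:tns="urn:example:ldapbc"
             xmlns:ldap="urn:example:ldap-extension">
  <service name="LDAPService">
    <wsdl:port name="LDAPPort" binding="tns:LDAPBinding">
      <ldap:address location="ldap://ldapServer1:389"
                    principal="cn=Manager,dc=sun,dc=com"
                    credential="admin"
                    ssltype="Enable SSL"
                    authentication="Simple"
                    protocol="SSLv3"
                    tlssecurity="NO"/>
    </wsdl:port>
  </service>
</definitions>
"""

LDAPS_PORT = 636                          # IANA-registered port for LDAP over SSL/TLS
OBSOLETE_PROTOCOLS = {"SSLv2", "SSLv3"}   # prohibited (RFC 6176) / deprecated (RFC 7568)


def _local(tag):
    """ElementTree writes qualified tags as '{uri}name'; keep only 'name'."""
    return tag.rsplit("}", 1)[-1]


def lint_address(attrs):
    """Return a list of findings for one ldap:address attribute map."""
    findings = []
    ssltype = attrs.get("ssltype", "None")
    auth = attrs.get("authentication", "None")
    protocol = attrs.get("protocol", "")
    location = attrs.get("location", "")
    credential = attrs.get("credential", "")

    if ssltype == "None":
        findings.append("no SSL/TLS: bind credentials and directory data travel in cleartext")
    if ssltype == "Enable SSL" and urlsplit(location).port != LDAPS_PORT:
        findings.append(f"'Enable SSL' but location {location} is not on the secure LDAP port {LDAPS_PORT}")
    if ssltype != "None" and protocol in OBSOLETE_PROTOCOLS:
        findings.append(f"protocol {protocol} is obsolete; use TLS")
    if ssltype != "None" and not attrs.get("truststore"):
        findings.append("no truststore: the server certificate is checked only against the JVM default trust store")
    if auth == "Simple" and not credential:
        findings.append("Simple bind with empty credential: servers treat this as an unauthenticated bind (RFC 4513 5.1.2)")
    if auth == "None" and (attrs.get("principal") or credential):
        findings.append("authentication None: principal/credential are set but the bind is anonymous")
    return findings


def lint_wsdl(wsdl_text):
    """Map each wsdl:port name to the findings for its ldap:address child."""
    root = ET.fromstring(wsdl_text)
    report = {}
    for port in root.iter():
        if _local(port.tag) != "port":
            continue
        for child in port:
            if _local(child.tag) == "address":
                report[port.get("name")] = lint_address(child.attrib)
    return report


# The same address with the weak settings corrected; the truststore path
# is an assumption for the example.
HARDENED_ADDRESS = {
    "location": "ldap://ldapServer1:636",
    "principal": "cn=Manager,dc=sun,dc=com",
    "credential": "admin",
    "ssltype": "Enable SSL",
    "authentication": "Simple",
    "protocol": "TLS",
    "truststore": "/opt/esb/security/ldap/trust.jks",
    "truststoretype": "JKS",
    "tlssecurity": "NO",
}

if __name__ == "__main__":
    for port_name, findings in lint_wsdl(SAMPLE_WSDL).items():
        print(port_name, "->", findings or "ok")
    print("hardened ->", lint_address(HARDENED_ADDRESS) or "ok")
```

The script is a static check of the WSDL only; it cannot tell you whether the directory server actually rejects unauthenticated or anonymous binds, which is worth confirming against the server itself. Note also that the credential attribute is stored in cleartext in the WSDL, so restrict read access to the WSDL in the project and in the deployed composite application.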

Binding Level WSDL Elements

The LDAP Binding Component binding level WSDL elements include the binding, operation, and message extensibility elements.

Binding elements define the LDAP transport-specific information for operations and messages.

LDAP Binding Element

The LDAP binding extensibility element marks a binding as LDAP protocol specific. When you create a WSDL file for a BPEL project in the NetBeans IDE, the New WSDL Document Wizard generates the LDAP binding definition, which includes a name you specify and a type that is generated by the wizard.

The following example illustrates the LDAP binding element:


<binding name="LDAPBinding" type="tns:LDAPPortType">
    <ldap:binding/>
    ...
</binding>

LDAP Operation Element

The LDAP operation element defines the supported operations. For the LDAP Binding Component the operations that can be supported include the following:

The following example illustrates the LDAP operation element:


<binding name="LDAPBinding" type="tns:LDAPPortType">
    <ldap:binding/>
    <wsdl:operation name="LDAPSearchOperation">
        <ldap:operation type="searchRequest"/>
        ...
    </wsdl:operation>
</binding>

LDAP Output Element

The LDAP output element extends the binding element to specify properties associated with writing output messages. In the NetBeans IDE, select an ldap:output element to view and modify the output properties. The following table describes the available output properties.

Table 2 LDAP Output Element Properties

Property 

Description 

returnPartName 

The message part name that is returned. This is used in search operations. 

attributes 

A list of attributes to be retrieved.