LDAP Binding Component User's Guide

Service Level WSDL Elements

The attributes of the service WSDL element configure LDAP directory security information for the LDAP BC. They are set on the address element, ldap:address, and define the connection to the LDAP directory: login information, security protocols, authentication type, and so on.

When you create a WSDL file in the NetBeans IDE, the New WSDL Document Wizard generates the address service definition. You can then edit the attributes of the address service. The following table describes the attributes available for this service.

Table 1 LDAP Address Element Attributes

Attribute 

Description 

location 

The connection URL for the LDAP server in the format ldap://hostname:port.

principal 

The LDAP principal (user name) needed when using an authentication method other than anonymous login. Use the fully qualified DN (Distinguished Name) of the user; for example, CN=Administrator,CN=Users,DC=sun,dc=com.

credential 

The credentials (password) needed when using an authentication method other than anonymous login. 

ssltype 

The type of SSL connection to use. Enter one of the following: 

  • None: A simple plain connection that does not use SSL.

  • Enable SSL: Communication to the LDAP server uses an SSL secure communication channel.

  • TLS On Demand: Communication to the LDAP server uses TLS on demand.

Note – If you use Enable SSL, the URL must point to a secure LDAP port.


authentication 

The authentication method to be used. Enter one of the following: 

  • None: Authentication is simple or not required. Make sure the LDAP server supports anonymous logins.

  • Simple: Authentication is based on a user name or password. If you select this option, you need to enter the user name in the principal property and the password in the credential property.

protocol 

The SSL protocol to use when establishing an SSL connection with the LDAP server. Enter TLS, TLSv1, SSLv3, SSLv2, or SSL.

truststore 

The path and name of the TrustStore file, which is used for CA certificate management when establishing SSL connections. 

truststorepassword 

The TrustStore password for accessing the TrustStore used for CA certificate management when establishing SSL connections. 

truststoretype 

The TrustStore type used for CA certificate management. If no type is specified, the application uses JKS as the default type. 

keystore 

The path and name of the KeyStore file. The KeyStore is used for key/certificate management when establishing SSL connections. 

keystorepassword 

The KeyStore password for accessing the KeyStore used for key/certificate management when establishing SSL connections. 

keystoreusername 

The user name for accessing the keystore when establishing SSL connections. 

keystoretype 

The default keystore type, which is used for key/certificate management when establishing SSL connections. If no type is specified, the application uses JKS as the default type. 

tlssecurity 

An indicator of whether TLS security is enabled. Enter NO if TLS security is not used; enter YES if it is used.

The following example illustrates the LDAP service element:


<service name="LDAPService">
    <wsdl:port name="LDAPPort" binding="tns:LDAPBinding">
        <ldap:address location="ldap://ldapServer1:389" 
                      principal = "cn=Manager,dc=sun,dc=com" 
                      credential = "admin" 
                      truststorepassword = "trustadmin" 
                      truststoretype = "JKS" 
                      keystore = "C:\security\ldap\keystore.jks"
                      keystorepassword = "keystoreadmin"
                      keystoreusername = "keystore"
                      keystoretype = "JKS"
                      tlssecurity = "NO"
                      ssltype = "Enable SSL"
                      authentication = "Simple"
                      truststore = "C:\security\ldap\trust.jks"
                      protocol = "SSL"
        />
    </wsdl:port>
</service>
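
The following Python script is an added example, not part of the original guide or of the LDAP BC itself. It audits the ldap:address attributes described in Table 1 for risky combinations: a Simple bind over an unencrypted connection, Enable SSL on a port other than the registered LDAPS port 636, the obsolete SSLv2 and SSLv3 protocols, and passwords stored in the WSDL. The namespace URIs in the sample, the finding names, and the treatment of a missing ssltype as None are assumptions made for the example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample modelled on the guide's example; namespace URIs are placeholders.
SAMPLE = r'''<service name="LDAPService"
    xmlns:wsdl="urn:example:wsdl" xmlns:ldap="urn:example:ldap" xmlns:tns="urn:example:tns">
  <wsdl:port name="LDAPPort" binding="tns:LDAPBinding">
    <ldap:address location="ldap://ldapServer1:389" principal="cn=Manager,dc=sun,dc=com"
                  credential="admin" ssltype="Enable SSL" authentication="Simple"
                  protocol="SSLv3" truststore="C:\security\ldap\trust.jks"
                  truststorepassword="trustadmin"/>
  </wsdl:port>
</service>'''

SECRET_ATTRS = ("credential", "truststorepassword", "keystorepassword")
OBSOLETE_PROTOCOLS = {"SSLv2", "SSLv3"}  # prohibited by RFC 6176 and RFC 7568


def audit_address(attrs):
    """Return a sorted list of finding names for one ldap:address attribute dict."""
    findings = set()
    ssltype = attrs.get("ssltype", "None")  # assumption: a missing ssltype means None
    # Assumption: tlssecurity="YES" also counts as an encrypted channel.
    encrypted = ssltype != "None" or attrs.get("tlssecurity") == "YES"
    port = urlsplit(attrs.get("location", "")).port
    if not encrypted and attrs.get("authentication") == "Simple":
        findings.add("cleartext-simple-bind")  # DN and password travel unencrypted
    if ssltype == "Enable SSL" and port != 636:
        findings.add("ssl-on-non-ldaps-port")  # Table 1 note; confirm the port speaks SSL
    if encrypted and attrs.get("protocol") in OBSOLETE_PROTOCOLS:
        findings.add("obsolete-ssl-protocol")
    if any(attrs.get(name) for name in SECRET_ATTRS):
        findings.add("secret-in-wsdl")  # the WSDL file needs restrictive permissions
    return sorted(findings)


def audit_wsdl(text):
    """Audit every element whose local name is 'address', whatever its namespace."""
    root = ET.fromstring(text)
    return [audit_address(el.attrib) for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == "address"]


if __name__ == "__main__":
    for result in audit_wsdl(SAMPLE):
        print(result)
```

A port other than 636 can still be a secure LDAP port on a server configured that way, so treat ssl-on-non-ldaps-port as a prompt to verify rather than a definite misconfiguration.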