Introduction

clj-ldap is a thin layer on the UnboundID SDK that allows Clojure programs to talk to LDAP servers.

Example

(ns example
  (:require [clj-ldap.client :as ldap]))

(def ldap-server (ldap/connect {:host "ldap.example.com"}))

(ldap/get ldap-server "cn=dude,ou=people,dc=example,dc=com")

;; Returns a map such as
{:gidNumber "2000"
 :loginShell "/bin/bash"
 :objectClass #{"inetOrgPerson" "posixAccount" "shadowAccount"}
 :mail "dude@example.com"
 :sn "Dudeness"
 :cn "dude"
 :uid "dude"
 :homeDirectory "/home/dude"}

API

connect [options]

Connects to an LDAP server and returns a thread-safe LDAPConnectionPool. Options is a map with the following entries:

:host            Either a string in the form "address:port"
                 OR a map containing the keys,
                    :address   defaults to localhost
                    :port      defaults to 389 (or 636 for ldaps),
                 OR a collection containing multiple hosts used for load
                 balancing and failover. This entry is optional.
:bind-dn         The DN to bind as, optional
:password        The password to bind with, optional
:num-connections The number of connections in the pool, defaults to 1
:ssl?            Boolean, connect over SSL (ldaps), defaults to false
:trust-store     Only trust SSL certificates that are in this
                 JKS format file, optional, defaults to trusting all
                 certificates
:connect-timeout The timeout for making connections (milliseconds),
:timeout         The timeout when waiting for a response from the server
                 (milliseconds), defaults to 5 minutes

For example:

(ldap/connect {:host "ldap.example.com" :num-connections 10})

(ldap/connect {:host [{:address "ldap1.example.com" :port 8000}
                      {:address "ldap3.example.com"}
                      "ldap2.example.com:8001"]
               :ssl? true
               :num-connections 9})

(ldap/connect {:host {:port 8000}})
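The option table says that omitting :trust-store means every certificate is trusted. The following added example (not part of the clj-ldap README or code base) puts that weak setting beside a connection that pins a trust store; the `connect-verified` helper, the file path, the service DN and the `LDAP_BIND_PASSWORD` variable are assumptions made for illustration, as is passing the trust store as a path string.

```clojure
(ns example.verified-connect
  (:require [clj-ldap.client :as ldap])
  (:import [java.io File]))

;; Weak: the session is encrypted, but no :trust-store is given, so per the
;; option table every certificate is trusted and the server's identity is
;; never checked.
(def unverified-options
  {:host "ldap.example.com"
   :ssl? true})

;; Hardened: only certificates in the JKS file are trusted.
;; Assumptions: the path, the DN and the environment variable name are
;; placeholders chosen for this example.
(def verified-options
  {:host            [{:address "ldap1.example.com"}
                     {:address "ldap2.example.com"}]
   :ssl?            true
   :trust-store     "/etc/example/ldap-truststore.jks"
   :bind-dn         "cn=app,ou=services,dc=example,dc=com"
   :password        (System/getenv "LDAP_BIND_PASSWORD")
   :connect-timeout 5000
   :timeout         30000
   :num-connections 4})

(defn connect-verified
  "Hypothetical wrapper: refuses to connect unless the options ask for SSL
  and name a trust store file that exists, so an absent :trust-store key
  cannot silently select the trust-all default."
  [options]
  (let [{:keys [ssl? trust-store]} options]
    (when-not ssl?
      (throw (IllegalArgumentException. ":ssl? must be true")))
    (when-not (and trust-store (.isFile (File. (str trust-store))))
      (throw (IllegalArgumentException.
              ":trust-store must name an existing JKS file")))
    (ldap/connect options)))

(comment
  ;; Evaluate at the REPL once the trust store is in place.
  (def conn (connect-verified verified-options)))
```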

get [connection dn]

If successful, returns a map containing the entry for the given DN. Returns nil if the entry doesn't exist or cannot be read.

(ldap/get conn "cn=dude,ou=people,dc=example,dc=com")

add [connection dn entry]

Adds an entry to the connected ldap server. The entry is a map of keywords to values which can be strings, sets or vectors.

(ldap/add conn "cn=dude,ou=people,dc=example,dc=com"
               {:objectClass #{"top" "person"}
                :cn "dude"
                :sn "a"
                :description "His dudeness"
                :telephoneNumber ["1919191910" "4323324566"]})

modify [connection dn modifications]

Modifies an entry in the connected ldap server. The modifications are a map in the form:

{:add
   {:attribute-a some-value
    :attribute-b [value1 value2]}
 :delete
   {:attribute-c :all
    :attribute-d some-value
    :attribute-e [value1 value2]}
 :replace
   {:attribute-d value
    :attribute-e [value1 value2]}}

All the keys in the map are optional e.g:

 (ldap/modify conn "cn=dude,ou=people,dc=example,dc=com"
              {:add {:telephoneNumber "232546265"}})

search [connection base] [connection base options]

Runs a search on the connected ldap server, reads all the results into memory and returns the results as a sequence of maps.

Options is a map with the following optional entries:

:scope       The search scope, can be :base :one or :sub,
             defaults to :sub
:filter      A string describing the search filter,
             defaults to "(objectclass=*)"
:attributes  A collection of the attributes to return,
             defaults to all user attributes

e.g (ldap/search conn "ou=people,dc=example,dc=com")

(ldap/search conn "ou=people,dc=example,dc=com" {:attributes [:cn]})

search! [connection base f] [connection base options f]

Runs a search on the connected ldap server and executes the given function (for side effects) on each result. Does not read all the results into memory.

Options is a map with the following optional entries:

:scope       The search scope, can be :base :one or :sub,
             defaults to :sub
:filter      A string describing the search filter,
             defaults to "(objectclass=*)"
:attributes  A collection of the attributes to return,
             defaults to all user attributes
:queue-size  The size of the internal queue used to store results
             before they are passed to the function, the default is 100

e.g (ldap/search! conn "ou=people,dc=example,dc=com" println)

 (ldap/search! conn "ou=people,dc=example,dc=com"
                    {:filter "sn=dud*"}
                    (fn [x]
                       (println "Hello " (:cn x))))
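Both search and search! take :filter as a plain string, so any value that comes from outside the program has to be escaped before it is spliced into that string. The following added example (not part of clj-ldap; `escape-filter-value`, `uid-filter` and `find-by-uid` are hypothetical helpers) applies the RFC 4515 escapes to an assertion value and then passes the finished filter to ldap/search.

```clojure
(ns example.safe-filter
  (:require [clj-ldap.client :as ldap]
            [clojure.string :as str]))

;; Characters that RFC 4515 requires to be written as \XX inside an
;; assertion value: backslash, asterisk, both parentheses and NUL.
(def ^:private filter-escapes
  {\\      "\\5c"
   \*      "\\2a"
   \(      "\\28"
   \)      "\\29"
   \u0000  "\\00"})

(defn escape-filter-value
  "Returns value with every filter metacharacter replaced by its escape,
  so the directory server compares it as literal text."
  [value]
  (str/escape (str value) filter-escapes))

(defn uid-filter
  "Builds an equality filter on uid from an untrusted value."
  [uid]
  (str "(uid=" (escape-filter-value uid) ")"))

(defn find-by-uid
  "Searches one level below the people branch for a single uid and
  returns only the attributes the caller needs."
  [conn uid]
  (ldap/search conn "ou=people,dc=example,dc=com"
               {:scope      :one
                :filter     (uid-filter uid)
                :attributes [:cn :mail]}))

(comment
  ;; Constructed inputs. The second contains a wildcard and parentheses,
  ;; which reach the server as literal characters rather than as filter
  ;; syntax.
  (uid-filter "dude")
  (uid-filter "d*(de)")
  ;; conn is a pool returned by ldap/connect.
  (find-by-uid conn "d*(de)"))
```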

delete [connection dn]

Deletes the entry with the given DN on the connected ldap server.

 (ldap/delete conn "cn=dude,ou=people,dc=example,dc=com")