How do I get a Java program to listen for LDAP queries?

[David]

I need to write a java class that can recieve and process LDAP queries
and would appreciate some help.

....the reason I need to do this is that several of our applications
rely on user/password & group info that is all stored in DB2 (ie is a
proprietry legacy user directory).

We want our new apps to use J2EE security in which case the server
will try and query an LDAP server to authenticate/authorize etc. But
since the user info is in DB2 what I would like to try and do is write
some kind of bridge between LDAP and this backend data structure.

ie a class that is listening for an LDAP query that says "Is the
password for 'Bill' equal to 'monday'?" and turn that into a series of
SQL statements to look up and compare the password for Bill in the DB2
tables and return an LDAP 'Yes'/'No'

....and likewise for "Is 'Bill' in the 'managers' group?"

The DB2 bit of it is easy, but im not sure how to get a Java class to
listen to a certain port?

....is this allowed in Java? or is it prevented for security reasons?

Any help much appreciated!

David Bevan

http://www.davidbevan.co.uk

 

[Will Hartung]

We want our new apps to use J2EE security in which case the server
will try and query an LDAP server to authenticate/authorize etc. But
since the user info is in DB2 what I would like to try and do is write
some kind of bridge between LDAP and this backend data structure.

Being pretty ignorant of J2EE security, it seems to me that it would be
better to write an adapter from J2EE Security <-> DB2 directly than J2EE <->

The DB2 bit of it is easy, but im not sure how to get a Java class to
listen to a certain port?

...is this allowed in Java? or is it prevented for security reasons?

I would bet that implementing the LDAP protocol, even a specific subset, is
probably Non-Trivial, and I would venture that this is not what you need to
do.

A J2EE -> DB2 adapter would be easier because the interface is probably much
more specific to the limited task of user authentication and role
determination, vs LDAP which is a technology that CAN be used for user
authentication and role determination, but is in fact a much richer and
deeper technology. Thus lots of baggage that affect the LDAP protocol that's
not necessarily appropriate to this task.

But, minimally, getting Java to read and write sockets basic is pretty easy
and I refer you to the java.net.* package for insight.

Regards,

Will Hartung
([email protected])

 

[Carsten Zerbst]

Am Fri, 15 Oct 2004 07:54:42 -0700 schrieb David:

I need to write a java class that can recieve and process LDAP queries
and would appreciate some help.

...the reason I need to do this is that several of our applications
rely on user/password & group info that is all stored in DB2 (ie is a
proprietry legacy user directory).

If you are not insisting on Java look at open ldap, an open source
ldap server. It could be hooked onto an sql database instead
of its usual db and serves this as LDAP.

Bye, Carsten