Today, I will explain how to achieve and configure a ldap connection in Oracle Soa Suite and to create a ldap adapter to add, search, and compare entities in ldap in a bpel process.We'll use compare operation along with a Java Embedding component that include a SSHA digest operation to achieve authentication of a user through Ldap. However, lets first see how to enable the LdapAdapter in Soa Suite environment using the application console, and see how to build a Ldap environment using the Apache Directory Studio to use in our examples.
Configure the Application Console to Use Ldap:
Open the address http://localhost:7101/console in your browser after starting the integrated weblogic server. Enter the credentials you stated during the installation, and click the 'Deployments' in the left menu.Find the LdapAdapter in the Deployements list like in Figure 1.
Figure 1
Then go to the Targets tab and check the DefaultServer to target the LdapAdapter to your default server.See in Figure 2.
Open the directory studio and start the ApacheDS server.We'll create the users under ou=users,ou=system directory.The default password type will be SSHA.You can see the Ldap Browser view in the Apache Directory Studio's schema editor.
Figure 2
Next, go to the Configuration -> OutBound Connection Pools and choose one of the Jndi configuration.Say eis/ldap/master.Then configure the Jndi properties specifying bindDN, hostName, password and port.See in Figure 3 and 4.
Figure 3
Figure 4
Install and Configure Apache Directory Studio:
Download and install the Apache Directory Studio from the link below.
http://directory.apache.org/studio/download/download-windows.html
Figure 5
Create the SOA Project to Achieve Add Ldap Operation:
To add an entity to the Ldap we have to assing the dn, cn, sn, uid and userPassword properties of Ldap configuration.So, let's create a synchron bpel process that has a xsd file with these properties like in Figure 6.
Figure 6
Dn is the 'Distinguished Name' that identifiy the user's entity in the entire Ldap environment.Cn is the 'Common Name', Sn is the 'Surname', uid is the 'User Identifier' and the userPassword is the 'Password' field.
Now, create a Ldap adapter by right clicking the external references part of your composite page and rename it like in Figure 7.
Figure 7
On the next page, click to the plus sign and create a Ldap connection and test it entering the connection properties like in Figure 8.
Figure 8
Figure 23
Figure 24
Figure 25
Figure 37
Figure 38
Choose the Jndi name eis/ldap/master that we configured in the application console in the next page of the wizard.See in Figure 9 and 10.
Figure 9
Figure 10
Choose the Add operation in the next page, then choose the object classes 'inetOrgPerson' and 'person' and their attributes cn, sn, uid and userPassword to insert like in Figure 11 and 12.
Figure 11
Figure 12
After completing the Ldap adapter wizard, you will get the xsd file like in Figure 13 for the input of Ldap add operation and the final composite will look like in Figure 14.Also see how to configure the input variable of the Ldap component in Figure 15 and 16.
Figure 13
Figure 14
Figure 15
Figure 16
Example input and output of this bpel process can be seen in Figure 17.
Figure 17
You can see the added user in the ldap schema editor like in Figure 18.
Figure 18
Create the SOA Project to Achieve Search Ldap Operation:
To search an entity in the Ldap we have to define a baseDN and a searchFilter.Create a synchron bpel process that has just a uid in xsd and create a Ldap adapter in the composite page, rename it and choose the Search operation.See in Figure 19.
Figure 19
In the next page choose the default search base and the default search filter and then choose the response objects and the attributes that you want to return from the operation like in Figure 20 and 21.We just want to return the userPassword attribute of the person object.
Figure 20
Figure 21
At the end we get the following composite.
Figure 22
This time choose both input and output variables in the invoke component of search operation like in Figure 23 and drag and drop two assign activities after receiveInput and after invokeForSearch components for search and return values respectively.See in Figure 24, 25 and 26.In Figure 24, you can see we just use the concat function to obtain a search filter in the format 'uid=testUser'.
Figure 24
Figure 25
The final bpel process will be the following.
Figure 26
Example input and output of this bpel process can be seen in Figure 27.
Figure 27
Create the SOA Project to Achieve Compare Ldap Operation to Use in Authentication:
We'll now use a Compare Ldap operation to authenticate a user.Firstly, create a bpel process with a xsd file with two input variables uid and userPassword.
Figure 28
Create a Ldap adapter with compare operation like in Figure 29.
Figure 29
Define the input and output variables of the compare invoke component.
Figure 30
Since the password is kept as SSHA digest value in the Ldap server, before compare it we have to obtain the digest of the user password.SSHA is an acronomy for Salted Secure Hash Algorithm and used to obtain a more secure digest value with the help of a salt value.We'll use Java Embedding component to get the SSHA digest of the password input and use the digest of password and the uid together to authenticate a user.We'll need sun.misc.Base64Decoder.jar so obtain it from the internet if you don't have it.Then put the Base64Decoder.jar to the $PROJECT_DIR\SOA\SCA-INF\lib folder, set the jar file to the classpath from the Project Properties -> Libraries and Classpath.See in Figure 31.
Figure 31
We need to get the salt value that used in the Ldap server.Thus look for the password editor in the Apache Directory Studio to get the salt value.We'll use it in our SSHA class.
Figure 32
Now, create a java class named SSHA like in Figure 33.
Figure 33
We can then use this class in our Java Embedding code.Drag and drop a Java Embedding component after the receiveInput component and type the following codes in it.
Figure 34
Remember to put the required imports to the bpel source for the XMLElement and SSHA classes using the import tag.
Now, drag and drog two assing activities after the Java Embedding and InvokeForCompare components to set the compare and result values respectively.The assing activity for the InvokeForCompare component can be seen in Figure 32.We use concat function to set the dn attribute of the compare request as in the form 'uid=testUser,ou=users,ou=system' and we set the name as 'userPassword' and set the value from the result of the Java Embedding component.
Figure 35
The final bpel process for the Compare ldap operation will be the following.
Figure 36
The possible inputs and outputs of this bpel process can be seen in Figure 37 and 38.Also you can see the return value in the debug screen in Figure 39.
Figure 38
Figure 39
Conclusion:
I try to explain the usage of Ldap in SOA Suite using add, search and compare operations of bpel ldap adapter.Before that we saw how to configure Ldap adapter in application console and also see how to install and configure the Apache Directory Studio.In the compare example we see how to authenticate a user with the help of a Java Embedding including a SSHA digester class.To test and debug the projects developed in this write, you can see the detail of debugging and testing a project in this write.
You can download the source code from here.
HI, thanks for great share, can you please describe modify option in ldap adaptor. thanks in advanced
ReplyDeleteEntertainment technology (TV, internet, videogames, iPods) has advanced so rapidly, kitchener townhomes for sale that families have scarcely noticed the significant impact and changes to their family structure and lifestyles.
ReplyDeletePut another way: there are at least three major problems with technology that leaders - in their rush to be successful - seem to conveniently ignore, and I would like to outline them here. combination weighers
ReplyDeleteThe GSM has made wandering between administrators an exceptionally regular undertaking, encouraging the clients to convey their portable in pretty much all aspects of the world. dumps plus pins
ReplyDeleteThe banks didn't generally think about cards since it was produced from slim air and never was there a penny taken from any banks vault to finance a card account! To see how this functions utilize the hunt term "the gig is up. skimmers for sale
ReplyDeleteSince Atlanta was a military preparing ground at that point, Tech held its male understudies and proceeded with its football program all through the conflict.why you should use a vpn when ddosing
ReplyDeleteMain concern: assuming you don't take in whatever else from this article, in any event gain proficiency with this a certain something. A sound tech's essential obligation is to be mindful by focusing consistently and taking care of the necessities of others for the sole goal of a faultless show. túlméretes szállítás Europa-Road Kft.
ReplyDeleteAt whatever point the designer leaves his seat to take care of those obligations, the sound tech is neglecting to take care of his work. IT consulting services Brampton
ReplyDeleteLikewise, the article "I'm not a PC individual" (Lohnes 2013) addresses the way that understudies assumptions taking everything into account is altogether different. In an examination finished with 34 undergrad college understudies, they exhort that technology is a necessary piece of a college understudies life since they need to do must everything on the web from applying for school or college, China mosfet manufacturer
ReplyDeleteIn the event that you are as yet unfit to associate with the Contivity VPN Switch, open a Command Prompt and have a go at pinging the Contivity VPN Switch utilizing the host name or address that you determined in the Destination field. express vpn free trial
ReplyDeleteInstructors have consistently utilized technology. The thing that matters is that now instructors are utilizing truly integral assets like iPads and iPhones in their own and expert lives. powerbelt
ReplyDeleteAs a general rule, the first technology ended up in the garbage dump. Technology, hence, is an empowering agent whose extreme incentive is to make enhancements to our lives. To be important, it should be utilized to make developments that are driven by a promising circumstance. Best Free Wordpress Themes
ReplyDeleteThe term can either be applied by and large or to explicit regions: models incorporate development technology, clinical technology, and data technology. Click Speed Test
ReplyDeleteWe never had that association" (Lohnes). Nichole hates the way that her school demands that she had more contact with technology than she is comparable with. Regardless, she clarifies that as she began doing those school online tasks so regularly she came to understand that they were not excessively terrible. EMF Protectors
ReplyDeleteIt is the start of a pastime and a chance for your gift beneficiary to enter a great diversion forever. Europa-Road targonca szállítás Debrecen
ReplyDeleteIn this day and age, advances will in general immediately become commoditized, and inside a specific technology lies the seeds of its own demise.
ReplyDeleteoppo a15 price in bangladesh
Those that fizzled couldn't discover the chance to foster a significant development utilizing their technology. Indeed to endure, these organizations needed to transform frequently into something entirely unexpected and in case they were fortunate they could exploit subordinates of their unique technology. online document digital service
ReplyDeleteIt didn't take long for the main threats toward start a couple of years after the fact in 1891 over, for goodness' sake, the school tones. UGA's school magazine proclaimed the school tones to be gold, dark and blood red.https://shuttlesky.in/
ReplyDeleteWe think about messages as the center of science, which ought to likewise be in the center of technology because of the basically same nature of science and technology. https://hostinglelo.in/
ReplyDeleteThe allegations were doubtful and the SIAA later decided for Tech. In his 16 seasons at Georgia Tech, Heisman drove the Golden Tornado (as Tech was known) to three undefeated seasons, including a 32 game series of wins and an immeasurably significant 23 - 6 triumph over Georgia. Qualtech Security
ReplyDeleteThey are of non-printed nature or focused on non-texts. Crediting the attributes of technology to the different parts of social orders not just confounds the issue, prompting unlimited cooperations yet additionally switch individuals' aims from technology's real essence. Concise Finance Wandsworth UK Retirement Mortgage
ReplyDeleteTechnology is only a device.
ReplyDeleteIt shouldn't be utilized in study halls or youngster care focuses on the grounds that it's cool, but since instructors can do exercises that help the sound improvement of kids. FinanceHub SW London Birmingham Midshires
Then again, numerous interests can be addressed by entering inquiries into web search tools, in a moment or two. It appears everybody has sufficient information. Each of the one requirements is to make a move. Accordingly, more individuals became activity arranged, the expression "technology" is turning out to be more famous than the expression "science".watch tv online free
ReplyDeletegenuine sense technology additionally has these highlights. Fundamentally, the innovations in unskilled social orders likewise came from the consecutive personalities with logical properties in crude structure, best cheap web hosting
ReplyDeleteAny time your youngster is locked in with a screen, stop a program, or quiet the ads, and pose drawing in inquiries. What was that character thinking? For what reason did the fundamental person do that? How might you have treated that circumstance? watch tv on laptop
ReplyDeletepresently! I genuinely accept that following these tips can draw you nearer to that. However, https://www.buyyoutubesubscribers.in/
ReplyDeleteGet more information
ReplyDelete