File to LDAP (JLDAP)
From SharemailWiki
This configuration file syncs data from a text file to an LDAP directory using the jLDAP libraries. It introduces additional class properties required by the destination and the use of a Drools ruleset to populate them. It also shows how the DRRE matches incoming data against existing data to determine which operation to perform (add or modify).
Please note that the jLDAP libraries are supported for legacy reasons; future development will take place using the UnboundID libraries.
Files to download:
- ApplicationContext-FileToLDAP-jLDAP-Example.xml
- ObjectClassAndPlacement.xls - a Drools ruleset
- TestDataForFileToLDAP.txt - sample data
Contents of configuration file (comments to be added):
<?xml version="1.0" encoding="UTF-8"?>
<!-- checked syntax and operation against 0.7.7 Rob H 31 Mar 2010 -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mule="http://www.mulesource.org/schema/mule/core/2.2"
xmlns:file="http://www.mulesource.org/schema/mule/file/2.2"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.mulesource.org/schema/mule/core/2.2 http://www.mulesource.org/schema/mule/core/2.2/mule.xsd
http://www.mulesource.org/schema/mule/file/2.2 http://www.mulesource.org/schema/mule/file/2.2/mule-file.xsd">
<bean id="applicationEventMulticaster" class="org.mule.module.spring.events.MuleEventMulticaster">
<property name="subscriptions">
<list>
<value>file:////tmp//drreFileToLDAP?transformers=colonDemilitedToListTransformer&amp;autoDelete=false&amp;moveToDirectory=////tmp//done</value>
</list>
</property>
</bean>
<bean id="colonDemilitedToListTransformer" class="com.sharemail.mule.providers.file.transformers.ColonDelimitedToListTransformer" />
<bean class="org.mule.config.spring.processors.MuleObjectNameProcessor"/>
<bean id="delimFileAdaptor" class="com.sharemail.drre.client.adpators.impl.SimpleDelimFileAdaptorImpl">
<property name="dynamicBeanHelper"><ref bean="dynamicBeanHelper"/></property>
<property name="objectProcessor"><ref bean="objectProcessor"/></property>
<property name="subscriptions">
<list>
<value>file:////tmp//drreFileToLDAP?transformers=colonDemilitedToListTransformer&amp;autoDelete=false&amp;moveToDirectory=////tmp//done</value>
</list>
</property>
<property name="objectMapping">
<list>
<map>
<entry>
<key><value>InternalObjectClass</value></key>
<value>inetOrgPerson</value>
</entry>
<entry>
<key><value>Properties</value></key>
<list>
<map>
<entry>
<key> <value>ColIndex</value></key>
<value>0</value>
</entry>
<entry>
<key><value>PropertyName</value></key>
<value>cn</value>
</entry>
<entry>
<key><value>MetaData</value></key>
<list>
<value>LDAPNaming</value>
</list>
</entry>
</map>
<map>
<entry>
<key> <value>ColIndex</value></key>
<value>1</value>
</entry>
<entry>
<key><value>PropertyName</value></key>
<value>givenName</value>
</entry>
</map>
<map>
<entry>
<key> <value>ColIndex</value></key>
<value>2</value>
</entry>
<entry>
<key><value>PropertyName</value></key>
<value>sn</value>
</entry>
</map>
<map>
<entry>
<key> <value>ColIndex</value></key>
<value>3</value>
</entry>
<entry>
<key><value>PropertyName</value></key>
<value>uid</value>
</entry>
</map>
<map>
<entry>
<key> <value>ColIndex</value></key>
<value>-1</value>
</entry>
<entry>
<key><value>PropertyName</value></key>
<value>objectClass</value>
</entry>
<entry>
<key><value>Multi-Valued</value></key>
<value>true</value>
</entry>
</map>
<map>
<entry>
<key> <value>ColIndex</value></key>
<value>-1</value>
</entry>
<entry>
<key><value>PropertyName</value></key>
<value>context</value>
</entry>
<entry>
<key><value>MetaData</value></key>
<list>
<value>LDAPContext</value>
</list>
</entry>
</map>
<map>
<entry>
<key> <value>ColIndex</value></key>
<value>-1</value>
</entry>
<entry>
<key><value>PropertyName</value></key>
<value>dn</value>
</entry>
<entry>
<key><value>MetaData</value></key>
<list>
<value>LDAPDn</value>
</list>
</entry>
</map>
</list>
</entry>
</map>
</list>
</property>
</bean>
<bean name="objectProcessor" class="com.sharemail.drre.core.impl.ObjectProcessorImpl">
<property name="publications">
<list>
<value>drre://drreLdap</value>
</list>
</property>
<property name="dynamicBeanHelper"><ref bean="dynamicBeanHelper"/></property>
</bean>
<bean name="dynamicBeanHelper" class="com.sharemail.drre.helpers.impl.DynamicBeanHelperImpl"/>
The droolsRulesets bean loads Drools decision tables into memory, allowing other beans to process data-bearing dynamic beans through them by referencing their names. The droolsRulesetProcessor bean is a helper bean for processing.
- The droolsRulesetFiles property contains a list of maps; each map contains the Name and the FileLocation (fully qualified path) of a ruleset
See Drools documentation at www.jboss.org/drools for more on decision tables and rulesets.
<bean name="droolsRulesets" class="com.sharemail.drre.core.rulesets.impl.DroolsRulesetsImpl">
<property name="droolRulesetProcessor"><ref bean="droolsRulesetProcessor"/></property>
<property name="dynamicBeanHelper"><ref bean="dynamicBeanHelper"/></property>
<property name="droolsRulesetFiles">
<list>
<map>
<entry><key><value>Name</value></key>
<value>Object class and placement</value>
</entry>
<entry><key><value>FileLocation</value></key>
<value>/home/rob/development/drre/examples/FileToLDAP-jLDAPExample/ObjectClassAndPlacement.xls</value>
</entry>
</map>
</list>
</property>
</bean>
<bean name="droolsRulesetProcessor" class="com.sharemail.drre.drools.DroolsRulesetProcessor"/>
The drreLdap bean is the server adaptor:
- ldapObjectWriter is a helper bean for writing correctly formatted LDAP commands
- ldapCommandAdaptor is a helper for constructing LDAP commands using the jLDAP classes
- ldapConnectionPoolAdaptor is a reference to a bean which is responsible for managing a pool of jLDAP connections
- ldapConnectionName is the name of the connection loaded in the ldapConnectionPoolAdaptor which will be used
- droolsRulesets is a reference to the bean containing in-memory Drools ruleset trees
- targetFormat is the format in which to write LDAP commands. LDAP, LDIF and DSML are valid here, but each requires different configuration
- rulesetsToApply is a list of the names of Drools rulesets through which to process the data. Rulesets are processed in the order in which they appear in this list
- matchingAttributes is a list of attributes which will be used to attempt to match incoming data against existing data in the LDAP directory using LDAP searches (a shared key). Matches are attempted using attributes in the order in which they appear in the list
- matchingSearchBases is a list of LDAP container DNs which will be searched using subtree searches. Searches are performed using search bases in the order in which they appear in the list
<bean name="drreLdap" class="com.sharemail.drre.server.adaptors.impl.LdapObjectAdaptorImpl">
<property name="ldapObjectWriter"> <ref bean="ldapAccountWriter"/></property>
<property name="ldapCommandAdaptor"><ref bean="ldapCommandAdaptor"/></property>
<property name="ldapConnectionPoolAdaptor"><ref bean="ldapConnectionPoolAdaptor"/></property>
<property name="ldapConnectionName" value="drreLdapDir"/>
<property name="dynamicBeanHelper"><ref bean="dynamicBeanHelper"/></property>
<property name="droolsRulesets"><ref bean="droolsRulesets"/></property>
<property name="targetFormat" value="LDAP"/>
<property name="rulesetsToApply">
<list>
<value>Object class and placement</value>
</list>
</property>
<property name="matchingAttributes">
<list>
<value>cn</value>
</list>
</property>
<property name="matchingSearchBases">
<list>
<value>ou=users,dc=example,dc=com</value>
</list>
</property>
</bean>
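The add-or-modify decision driven by matchingAttributes and matchingSearchBases can be traced with the following added example, which is not DRRE code. It assumes attribute order is the outer loop and search-base order the inner loop, uses a toy in-memory search in place of the directory, treats more than one hit as an error, and escapes each incoming value per RFC 4515 before it goes into a filter (whether DRRE does this itself is not stated on this page); all function names are hypothetical.

```python
import re

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    return "".join(_ESC.get(ch, ch) for ch in value)

def planned_searches(record, matching_attributes, matching_search_bases):
    """(base, filter) pairs in the order tried. Assumption: attribute order is
    the outer loop and search-base order the inner loop."""
    plan = []
    for attr in matching_attributes:
        if record.get(attr):
            flt = "(%s=%s)" % (attr, escape_filter_value(record[attr]))
            plan.extend((base, flt) for base in matching_search_bases)
    return plan

def toy_subtree_search(directory, base, flt):
    """Stand-in for an LDAP subtree search over a constructed dict of entries."""
    attr, pattern = flt[1:-1].split("=", 1)
    unhex = lambda s: re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), s)
    # An unescaped * is a wildcard; escaped characters are compared literally.
    rx = re.compile(".*".join(re.escape(unhex(p)) for p in pattern.split("*")), re.I | re.S)
    suffix = "," + base.lower()
    return [dn for dn, attrs in directory.items()
            if dn.lower().endswith(suffix)
            and any(rx.fullmatch(v) for v in attrs.get(attr, []))]

def decide(record, directory, matching_attributes, matching_search_bases):
    """Return ('modify', dn) for the first match, otherwise ('add', None)."""
    for base, flt in planned_searches(record, matching_attributes, matching_search_bases):
        hits = toy_subtree_search(directory, base, flt)
        if len(hits) > 1:  # example's choice: a shared key must identify one entry
            raise ValueError("ambiguous match for %s under %s" % (flt, base))
        if hits:
            return ("modify", hits[0])
    return ("add", None)

# Constructed directory content; ATTRS and BASES mirror the drreLdap bean above.
DIRECTORY = {
    "cn=jsmith,ou=staff,ou=users,dc=example,dc=com": {"cn": ["jsmith"], "uid": ["1001"]},
    "cn=adavis,ou=users,dc=example,dc=com": {"cn": ["adavis"], "uid": ["1002"]},
}
ATTRS, BASES = ["cn"], ["ou=users,dc=example,dc=com"]
```

Because the value is escaped, a cn of `*` in the input file is searched for literally and results in an add rather than selecting an existing entry for modification.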
The ldapAccountWriter and ldapCommandAdaptor beans are helpers. The ldapConnectionPoolAdaptor bean contains the ldapConnectionPools property, which is a list of maps; each map contains details of an LDAP service against which a pool of connections will be initialised when first accessed.
- name is a unique name for the LDAP service which is used by other beans to reference the pool
- server is the hostname or IP address of the LDAP server
- bindDn is the DN of the user to use to bind to the LDAP directory. This user must have rights to perform whatever operations will be carried out by the adaptor
- bindPwd is the password to use in the bind
- port is the LDAP port to which to connect. 389 is standard LDAP, 636 is secure LDAP. If secure LDAP is used, the server certificate must be trusted by the JRE in which the DRRE is loaded (usually this means that the public certificate which signed the server certificate should be present in $JAVA_HOME/jre/lib/security/cacerts; this can be managed using the keytool command).
- maxCons is the number of connections which will be initialised
- maxSharedCons is the number of connections which will be available for sharing
<bean name="ldapAccountWriter" class="com.sharemail.drre.server.adaptors.writers.impl.LdapObjectWriterImpl">
<property name="dynamicBeanHelper"><ref bean="dynamicBeanHelper"/></property>
<property name="attributesToIgnore">
<list>
<value>context</value>
<value>dn</value>
</list>
</property>
</bean>
<bean name="ldapConnectionPoolAdaptor" class="com.sharemail.drre.server.adaptors.impl.LdapConnectionPoolAdaptorImpl">
<property name="ldapConnectionPools">
<list>
<map>
<entry>
<key> <value>name</value></key>
<value>drreLdapDir</value>
</entry>
<entry>
<key> <value>server</value></key>
<value>127.0.0.1</value>
</entry>
<entry>
<key> <value>bindDn</value></key>
<value>cn=admin,dc=example,dc=com</value>
</entry>
<entry>
<key> <value>bindPwd</value></key>
<value>secret</value>
</entry>
<entry>
<key> <value>port</value></key>
<value>389</value>
</entry>
<entry>
<key> <value>maxCons</value></key>
<value>5</value>
</entry>
<entry>
<key> <value>maxSharedCons</value></key>
<value>5</value>
</entry>
</map>
</list>
</property>
</bean>
<bean name="ldapCommandAdaptor" class="com.sharemail.drre.server.adaptors.impl.LdapCommandApdaptorImpl"/>
</beans>
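The connection pool settings above can be checked before deployment with a short audit of the context file. This is an added example, not part of DRRE: the function names are hypothetical, the sample is a constructed reduction of the pool bean on this page, the `${...}` form assumes the password is supplied through a Spring property placeholder, and the `cn=admin` test is a simple heuristic.

```python
import xml.etree.ElementTree as ET

NS = {"b": "http://www.springframework.org/schema/beans"}

# Constructed sample: the pool definition from this page, reduced to one bean.
SAMPLE = """<beans xmlns="http://www.springframework.org/schema/beans">
  <bean name="ldapConnectionPoolAdaptor"
        class="com.sharemail.drre.server.adaptors.impl.LdapConnectionPoolAdaptorImpl">
    <property name="ldapConnectionPools"><list><map>
      <entry><key><value>name</value></key><value>drreLdapDir</value></entry>
      <entry><key><value>server</value></key><value>127.0.0.1</value></entry>
      <entry><key><value>bindDn</value></key><value>cn=admin,dc=example,dc=com</value></entry>
      <entry><key><value>bindPwd</value></key><value>secret</value></entry>
      <entry><key><value>port</value></key><value>389</value></entry>
    </map></list></property>
  </bean>
</beans>"""

def read_pools(xml_text):
    """Return each ldapConnectionPools <map> as a plain dict."""
    root = ET.fromstring(xml_text)
    pools = []
    path = ".//b:property[@name='ldapConnectionPools']/b:list/b:map"
    for pool_map in root.findall(path, NS):
        pool = {}
        for entry in pool_map.findall("b:entry", NS):
            key = entry.findtext("b:key/b:value", default="", namespaces=NS).strip()
            pool[key] = entry.findtext("b:value", default="", namespaces=NS).strip()
        pools.append(pool)
    return pools

def audit(xml_text):
    """Return (pool name, key, finding) tuples for settings worth changing."""
    findings = []
    for pool in read_pools(xml_text):
        name = pool.get("name", "?")
        if pool.get("port") != "636":
            findings.append((name, "port", "not the secure LDAP port 636"))
        pwd = pool.get("bindPwd", "")
        # Assumption: ${...} marks a value resolved from outside the file.
        if pwd and not (pwd.startswith("${") and pwd.endswith("}")):
            findings.append((name, "bindPwd", "literal password in the context file"))
        # Heuristic: a directory admin DN has more rights than add/modify needs.
        if pool.get("bindDn", "").lower().startswith("cn=admin,"):
            findings.append((name, "bindDn", "admin account used for the bind"))
    return findings
```

For the configuration on this page, `audit` reports the port, bindPwd and bindDn entries of the drreLdapDir pool.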
