I am using ApacheDS as directory server & UnboundID as LDAP SDK for entering user and its related groups. I am following a link

http://ldapwiki.willeke.com/wiki/Tips%20using%20UnboundID%20LDAP%20SDK

in which they have used the CompareRequest method to find out whether a user is a member of a particular group or not.

The code I have written against this method is as such

// input ---- uid = "rohit.joshi" and groupName = "Java"
public boolean isUserMemberOfGroup(String uid, String groupName) {
    boolean answ = false;
    LDAPConnection connection = connect();
    try {
        // userDN -- uid=rohit.joshi,ou=users,o=wipro
        String userDN = "uid=" + uid + ",ou=users," + LDAP_BASE_DN;
        // groupDN -- cn=Java,ou=groups,o=wipro
        String groupDN = "cn=" + groupName + ",ou=groups," + LDAP_BASE_DN;
        CompareRequest compareRequest = new CompareRequest(userDN, "uniqueMember", groupDN);
        CompareResult compareResult = connection.compare(compareRequest);
        // Return the compare outcome instead of always returning false.
        answ = compareResult.compareMatched();
        if (answ) {
            // The user is a member of the group.
            System.out.println("user is a member of group");
        } else {
            // The user is not a member of the group.
            System.out.println("user is not a member of group");
        }
    } catch (LDAPException e) {
        e.printStackTrace();
    }
    return answ;
}

CREATING LDAP CONNECTOR
Connection with LDAP Server Established : true
LDAPException(resultCode=16 (no such attribute), errorMessage='NO_SUCH_ATTRIBUTE: failed for MessageType : COMPARE_REQUEST
Message ID : 1
    Compare request
        Entry : 'uid=mahesh.joshi,ou=users,o=wipro'
        Attribute description : 'uniqueMember'
        Attribute value : 'cn=Java,ou=groups,o=wiproorg.apache.directory.api.ldap.model.message.CompareRequestImpl@1d9123e1: null', diagnosticMessage='NO_SUCH_ATTRIBUTE: failed for MessageType : COMPARE_REQUEST
Message ID : 1
    Compare request
        Entry : 'uid=mahesh.joshi,ou=users,o=wipro'
        Attribute description : 'uniqueMember'
        Attribute value : 'cn=Java,ou=groups,o=wiproorg.apache.directory.api.ldap.model.message.CompareRequestImpl@1d9123e1: null')
 at com.unboundid.ldap.sdk.LDAPConnection.compare(LDAPConnection.java:2236)
 at com.LdapServiceImpl.isUserMemberOfGroup(LdapServiceImpl.java:380)
 at com.App.main(App.java:102)

But running this method I am getting the error in the console as shown above, while I am able to check user and group existence individually. But checking them in a single query operation is still not possible. Any suggestions in this regard would be a great help.

sfjac
joshi

1 Answer

Apparently there is 'NO_SUCH_ATTRIBUTE' of 'uniqueMember' within ApacheDS.

LDAPException(resultCode=16 (no such attribute), errorMessage='NO_SUCH_ATTRIBUTE: failed for MessageType : COMPARE_REQUEST
Message ID : 1
    Compare request
        Entry : 'uid=mahesh.joshi,ou=users,o=wipro'
        Attribute description : 'uniqueMember'

Try using 'member' rather than 'uniqueMember'.

WORKING Example:

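import com.unboundid.ldap.sdk.CompareRequest;
import com.unboundid.ldap.sdk.CompareResult;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;

public class CompareExample // class name added only so the snippet compiles
{
    public static void main(String[] args)
    {
        LDAPConnection connection = new LDAPConnection();
        try
        {
            connection.connect("localhost", 10389);
        }
        catch (LDAPException e)
        {
            // Without a connection the compare cannot run, so stop here.
            e.printStackTrace();
            return;
        }
        String attributeName = "uniqueMember";
        // The assertion value is the user's DN; the entry being compared is the group.
        String assertionValue = "uid=mahesh.joshi,ou=users,ou=sevenSeas,dc=example,dc=com";
        String entryDN = "cn=Java,ou=groups,ou=sevenSeas,dc=example,dc=com";
        CompareRequest compareRequest = new CompareRequest(entryDN, attributeName, assertionValue);
        try
        {
            CompareResult compareResult = connection.compare(compareRequest);
            if (compareResult.compareMatched())
            {
                System.out.println("The user: " + assertionValue + " is a member of the group: " + entryDN);
            }
            else
            {
                System.out.println("The user: " + assertionValue + " is NOT a member of the group: " + entryDN);
            }
        }
        catch (LDAPException e)
        {
            // Result codes other than compare true/false arrive here as exceptions.
            e.printStackTrace();
        }
        finally
        {
            // Release the connection whether or not the compare succeeded.
            connection.close();
        }
    }
}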

Set up an example as closely as I could to your scenario. -jim

jwilleke
  • @jim - how is it possible if I am using the uniqueMember attribute while creating the user inside a group? Even though I tried your suggestion, the same error exists. My group description is as such - cn - Java and uniqueMember - uid=mahesh.joshi,ou=users,o=wipro – joshi May 29 '15 at 13:15
  • I do not know. The Error message is pretty explicit. Perhaps if you could show the group as an LDIF we might see something. – jwilleke May 29 '15 at 22:22
  • @Jim - here is my Java group present in the LDIF file as - dn: cn=Java,ou=groups,o=wipro objectClass: top objectClass: groupOfUniqueNames cn: Java uniqueMember: uid=dinesh.joshi,ou=users,o=wipro uniqueMember: uid=ankit.chouhan,ou=users,o=wipro uniqueMember: uid=mahesh.joshi,ou=users,o=wipro – joshi Jun 01 '15 at 04:19
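
Added example, not part of the question, the answer or the UnboundID project's own code: a membership check that targets the group entry (the one holding `uniqueMember`) with the user's DN as the assertion value, builds both DNs from escaped RDNs, and denies on result codes 16 and 32 while rethrowing anything else. The class `GroupMembershipCheck` and helper `isMember` are hypothetical names, and the directory is constructed sample data served by the SDK's `InMemoryDirectoryServer` rather than ApacheDS.

```java
import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.sdk.*;

public class GroupMembershipCheck {

    // Hypothetical helper: true only when the server answers COMPARE_TRUE.
    static boolean isMember(LDAPInterface ldap, String baseDN, String uid, String group)
            throws LDAPException {
        DN base = new DN(baseDN);
        // RDN/DN objects escape DN metacharacters in uid and group, unlike
        // string concatenation, so input cannot alter the DN structure.
        DN userDN = new DN(new RDN("uid", uid), new DN(new RDN("ou", "users"), base));
        DN groupDN = new DN(new RDN("cn", group), new DN(new RDN("ou", "groups"), base));
        try {
            // Target entry = the group, which holds uniqueMember;
            // assertion value = the user's DN.
            CompareResult result = ldap.compare(new CompareRequest(
                    groupDN.toString(), "uniqueMember", userDN.toString()));
            return result.compareMatched();
        } catch (LDAPException e) {
            // Missing group (32) or group without the attribute (16): deny.
            ResultCode rc = e.getResultCode();
            if (ResultCode.NO_SUCH_OBJECT.equals(rc)
                    || ResultCode.NO_SUCH_ATTRIBUTE.equals(rc)) {
                return false;
            }
            throw e; // connection or permission errors must not look like "no"
        }
    }

    public static void main(String[] args) throws LDAPException {
        // Constructed sample data, modelled on the group LDIF quoted in the comments.
        InMemoryDirectoryServer ds = new InMemoryDirectoryServer(
                new InMemoryDirectoryServerConfig("o=wipro"));
        ds.add("dn: o=wipro", "objectClass: top", "objectClass: organization", "o: wipro");
        ds.add("dn: ou=groups,o=wipro", "objectClass: top",
                "objectClass: organizationalUnit", "ou: groups");
        ds.add("dn: cn=Java,ou=groups,o=wipro", "objectClass: top",
                "objectClass: groupOfUniqueNames", "cn: Java",
                "uniqueMember: uid=mahesh.joshi,ou=users,o=wipro");
        System.out.println(isMember(ds, "o=wipro", "mahesh.joshi", "Java"));    // listed member
        System.out.println(isMember(ds, "o=wipro", "rohit.joshi", "Java"));     // not listed
        System.out.println(isMember(ds, "o=wipro", "mahesh.joshi", "Python"));  // group absent
    }
}
```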