How to check whether current LDAP server is up or down before doing an authentication

Question

I want to check whether the current LDAP server is up or down before doing an authentication. I am using UnboundID LDAP SDK. IS there any possible way to do this?

score 1 · Answer 1 · answered Feb 12 '17 at 22:27

Check if the port is up and running. It's pur Java. No SSL Factory or SSL Context or Credentials needed. Has a time out in milliseconds, if the package is dropped by a firewall.

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;

public static boolean isPortReachable(String host, int port, int timeOutMS) {
    try (Socket serverSocket = new Socket();) {
        serverSocket.connect(new InetSocketAddress(host, port), timeOutMS);
        return true;    
    } catch (final IOException e) { /* Ignore, Port not reachable */ }
    return false;
}

Usage for LDAP or LDAPS:

if (isPortReachable(hostname, 389, 200)) { ... }

if (isPortReachable(hostname, 636, 200)) { ... }

score 0 · Answer 2 · answered Jan 23 '16 at 12:56

0

There is a method isConnected():

public boolean isConnected()
Indicates whether this connection is currently established.
Returns:
true if this connection is currently established, or false if it is not.

So a simple example something like:

LDAPConnection ldc = new LDAPConnection()
ldc.connect(...);
if (ldc.isConnected())
{
   do good stuff
}
else
{
   getLDAPConnection(...);
}

Should do the trick.

answered Jan 23 '16 at 12:56

jwilleke

10,467
1
30
51

I need to know whether LDAP server is down or up before doing any authentication. In this answer I have to use an authenticated entry to create ldc connection. Thank you for your effort. – Malinda Jan 25 '16 at 06:11
I'd be surprised if this would work as required. I would expect it not to actually connect until you did some real LDAP operation. – user207421 Jan 25 '16 at 11:19
The ldc.isconnected actually does a connection. As I recall, makes an anonymous call to some non-existent control or extension – jwilleke Jan 25 '16 at 12:45

score 0 · Answer 3 · answered Jan 24 '16 at 18:31

0

The best way to test whether any resource is available is simply to try to use it in the normal course of your application, and cope with the errors as they arise.

Otherwise you're trying to predict the future.

answered Jan 24 '16 at 18:31

user207421

305,947
44
307
483

score 0 · Accepted Answer · answered Jan 25 '16 at 06:15

0

We can do this with SSUtil. Here an authenticated entry will not be needed and we can check whether the server is up or down before doing any authentication.

SSLUtil su = new SSLUtil(new TrustAllTrustManager());
SSLSocketFactory sf = su.createSSLSocketFactory();
LDAPConnection connection = new LDAPConnection(sf,"localhost", 10636);

Looking for pros and cons for this solution.

answered Jan 25 '16 at 06:15

Malinda

336
2
12

Con: you're trying to predict the future. The server could be up when you do the test and down when you do the authentication. Or the other way round. There's no point to this. – user207421 Jan 25 '16 at 11:19
What do you mean by predicting the future. Just I need to check whether the server is up or down before doing any authentication. – Malinda Jan 30 '16 at 08:36

How to check whether current LDAP server is up or down before doing an authentication

4 Answers4