Software Engineering Recitation 6 Suhit Gupta
Dec 20, 2015
Software Engineering
Recitation 6
Suhit Gupta
Review
Classpath Stream vs. Reader
Today
LDAP
LDAP
Lightweight Directory Access Protocol
Snapshot of UT
LDAP – support is wide
What is LDAP
Lightweight Directory Access Protocol – A cross platform protocol for communicating with a directory server
It has descended from the X.500 OSI Directory Access protocol – which was too cumbersome for microcomputers
It is a data representation model optimized for arbitrary queries.
What is a directory?
A centralized structured hierarchical repository of configuration, authentication and other network and systems related information.
Eg - /etc/passwd, /etc/shadow It is a system optimized for a predominantly “lookup”
application. It is not a database
– No transactions– Not relations– Poor Update/Insert/Delete Operations
So why are we using it?
A centralized cross-platform data repository greatly simplifies administration
Replication support increases availability Distribution of information can reduce network
load on critical segments Front-ends such as www to LDAP in
conjunction with well designed access controls can place some administration tasks in the hands of the users themselves.
Why LDAP?
Both NDS and MSFT-AD are LDAP servers
LDAP is open, and will inter-operate with other directories
It is simple
Some notation
cn ou dc o dn
What the structure looks like…
O=softe
Ou=services Ou=actors Ou=states
However…
It’s really a flat db There really isn’t this tree like structure But we don’t care
What is a schema?
The schema describes the structure of the directory contents. Schemas are optional but you usually want them.
The schema describes the datatype of each attribute.
The schema specifies the attribute found in each object class.
Schema
Janak has explicitly created three for you– Service– Actor– ActorState
Service
Service reference ID: CN tag in DN: use your group ID
Required:– ServerIP (string)– ServerPort (int)– ServerType (string): A or S
Optional– WorldName– Extensions
Actor
Actor “name”/login id: CN tag in DN Required:
– HP: int– XP: int– Gold: int– Password: String
Optional:– ImageURL
ActorState
CN in DN: unique identifier– We’ll use combination of actor, world, and service– “ac=actorname+wn=worldname+sv=servicename”
Required– LocationX: int– LocationY: int– Status: int– WorldInstance: int
JNDI
Relatively simple Java API, built into 1.3 and higher
Actually more than LDAP: DNS, etc. For LDAP, uses concept of directory
context in which the operation will be done– ldap://softe.cs.columbia.edu:389/o=softe
Once set, go ahead and do operation
JNDI Lookups
getAttributes() method searches by (unique) DN– similar to lookup() but more powerful
Returns Attributes object: collection of attribute-value pairs; you can “get” and “put”, like a Hashtable
JNDI Searches search() searches within a DN for all entries
that match the Attributes set you provide– list() finds all in the DN context
Returns NamingEnumeration (subinterface of Enumeration)– Each entry in the Enumeration is a
SearchResult, which you can convert toString() and then do a lookup
– For list(), returns a NameClassPair Example
JNDI Writes
Just like we can getAttributes(), we can…
(re)bind()– Ok, so the parallel isn’t ideal– Name: DN– Object: null (Java can serialize to LDAP!)– Attributes: our good friend
Example
JNDI Deletes
unbind(); Must supply whole DN to it
– Use search() if you don’t know what the full DN of the relevant object is
JNDI Miscellany
Name class– You don’t have to use this: it’s a bit more
“civilized” way of dealing with DN’s, though– For the scope of this class, it’s acceptable
just to use Strings for DN’s
The receive code
Update to new version, Suhit
import javax.naming.*;import javax.naming.directory.*;import java.util.*;
public class SearchForServices { public static void main(String[] args) { if(args.length != 1) { System.out.println("usage: java SearchForServices <LDAP server>:port"); System.exit(-1); } // Create the environment in which we will do lookups Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL,
"ldap://" + args[0] + "/dc=softe,dc=cs,dc=columbia,dc=edu");
// Now connect and perform the list request DirContext ctx = null; NamingEnumeration ne = null; try { ctx = new InitialDirContext(env); ne = ctx.list("ou=services"); } catch(NamingException e) { e.printStackTrace(); }
// Now list all services while(ne.hasMoreElements()) { NameClassPair ncp = (NameClassPair)ne.nextElement(); System.out.println("Found " + ncp + "; attributes are:"); // Lookup this element Attributes a = null; try {
a = ctx.getAttributes(ncp.getName() + ",ou=services"); } catch(NamingException e) { e.printStackTrace(); } // Print out the set of attributes System.out.println(a + "-------"); }}}
The send code
Update to new version, Suhit
import javax.naming.*;import javax.naming.directory.*;import java.util.*;
public class AddService { public static void main(String[] args) { if(args.length != 5) { System.out.println("usage: java AddService <LDAP server:port> <ServerRef> <ServerIP> <ServerPort> <ServerType>"); System.exit(-1); }
// Create the environment in which we will do binds Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL,
"ldap://" + args[0] + "/o=softe"); env.put(Context.SECURITY_PRINCIPAL, "cn=Manager,o=softe"); env.put(Context.SECURITY_CREDENTIALS, "cs3156");
// Now connect and perform the list request DirContext ctx = null; NamingEnumeration ne = null; try { ctx = new InitialDirContext(env); // Create the attributes Attributes a = new BasicAttributes(); a.put("objectClass", "Service"); a.put("ServerIP", args[2]); a.put("ServerPort", args[3]); a.put("ServerType", args[4]);
ctx.bind("cn=" + args[1] + ",ou=services",null,a); } catch(NamingException e) { e.printStackTrace(); }
System.out.println("Done!"); }}
Where does our LDAP server exist??
liberty.psl.cs.columbia.edu (but we call it softe.cs.columbia.edu)
We shall give you the username/password etc. on the webpage in the next few days
We will also update the requirement field names