Qore openldap Module
1.0
The LdapClient class.
Public Member Functions | |
nothing | add (string dn, hash attrs, *timeout timeout_ms) |
add an LDAP entry and attributes | |
bind (hash bind, *timeout timeout_ms) | |
bind to the server with the given authentication parameters | |
bool | compare (string dn, string attr, softlist vals, *timeout timeout_ms) |
check ldap attribute values; if any errors occur (entry does not exist, etc), an LDAP-ERROR exception will be thrown | |
constructor (string uri, *hash options) | |
Creates a new LdapClient object and establishes a connection to the server with optional bind parameters. | |
copy () | |
Creates a new LdapClient object based on the original. | |
nothing | del (string dn, *timeout timeout_ms) |
delete ldap entries; if any errors occur (entry does not exist, etc), an LDAP-ERROR exception will be thrown | |
destructor () | |
unbinds from the LDAP server (if a connection has been established) and destroys the object | |
string | getUri () |
returns the URI string used to connect to the LDAP server | |
bool | isSecure () |
returns True if the connection to the server is secure, False if not | |
nothing | modify (string dn, softlist mods, *timeout timeout_ms) |
modify (add, replace, delete) ldap attributes; if any errors occur (entry does not exist, etc), an LDAP-ERROR exception will be thrown | |
nothing | passwd (string dn, string oldpwd, string newpwd, *timeout timeout_ms) |
changes the LDAP password of a user | |
nothing | rename (string dn, string newrdn, string newparent, softbool deleteoldrdn=True, *timeout timeout_ms) |
renames entries in the Directory Information Tree | |
hash | search (hash h, *timeout timeout_ms) |
performs a search on the LDAP server |
Static Public Member Functions | |
static | getInfo () |
Returns a hash with information about the openldap library. |
The LdapClient class.
nothing OpenLdap::LdapClient::add | ( | string | dn, |
hash | attrs, | ||
*timeout | timeout_ms | ||
) |
add an LDAP entry and attributes
Give the new entry's objectclass as an attribute; an attribute value can be a list to add multiple values to an attribute
dn | the distinguished name of the entry to add |
attrs | a hash of new attributes; the keys are attribute names and the values are the attribute values |
timeout_ms | an optional timeout in milliseconds (1/1000 second); if no timeout is given or a timeout of 0 is given, the default timeout for the LdapClient object is used instead; as with all Qore functions and methods taking timeout values, a relative date/time value can be used to make the units clear (e.g. 20s = twenty seconds); integers are treated as values in milliseconds, and relative date/time values have a maximum resolution of 1 millisecond |
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
LDAP-ADD-ERROR | missing attribute value |
LDAP-ERROR | an error occurred performing the add operation |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |
OpenLdap::LdapClient::bind | ( | hash | bind, |
*timeout | timeout_ms | ||
) |
bind to the server with the given authentication parameters
The current session is disconnected before binding again.
bind | a hash of bind parameters, allowed keys are:
|
timeout_ms | an optional timeout in milliseconds (1/1000 second); if no timeout is given or a timeout of 0 is given, the default timeout for the LdapClient object is used instead; as with all Qore functions and methods taking timeout values, a relative date/time value can be used to make the units clear (e.g. 20s = twenty seconds); integers are treated as values in milliseconds, and relative date/time values have a maximum resolution of 1 millisecond |
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
LDAP-BIND-ERROR | parameter type error or 'password' given with no 'binddn' value |
LDAP-ERROR | an error occurred performing the bind |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |
bool OpenLdap::LdapClient::compare | ( | string | dn, |
string | attr, | ||
softlist | vals, | ||
*timeout | timeout_ms | ||
) |
check ldap attribute values; if any errors occur (entry does not exist, etc), an LDAP-ERROR exception will be thrown
dn | the distinguished name of the entry to find for the attribute value comparison |
attr | the name of the attribute for the value comparison |
vals | a single string or a list of strings of values to compare; if any value is not a string it will be converted to a string |
timeout_ms | an optional timeout in milliseconds (1/1000 second); if no timeout is given or a timeout of 0 is given, the default timeout for the LdapClient object is used instead; as with all Qore functions and methods taking timeout values, a relative date/time value can be used to make the units clear (e.g. 20s = twenty seconds); integers are treated as values in milliseconds, and relative date/time values have a maximum resolution of 1 millisecond |
True if the value(s) match, False if not
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
LDAP-ERROR | an error occurred performing the comparison operation |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |
OpenLdap::LdapClient::constructor | ( | string | uri, |
*hash | options | ||
) |
Creates a new LdapClient object and establishes a connection to the server with optional bind parameters.
A connection to the server is made with an empty search request even if no bind parameters are given. To ensure that a secure TLS connection is made to the server regardless of the scheme given in the URI, set the "starttls" argument to True.
Each LdapClient object represents a connection to the server. Individual requests are wrapped in mutual exclusion locks to ensure atomicity and thread-safety, therefore if sharing a single LdapClient object between multiple threads, simultaneous requests will block if another request is already in progress.
uri | the URI of the ldap server (ex: "ldaps://ldap.example.com" ) |
options | an optional hash of optional parameters, allowed keys are:
|
"timeout" option is given, a default timeout value of 60 seconds is set automatically
LDAP-ERROR | an error occurred creating the ldap session context |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |
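Added example (not from the module's own documentation): requesting TLS with the "starttls" option described above and checking isSecure() before any credentials are sent with bind(). The host name, bind DN, the LDAP_BIND_PW environment variable and the LDAP-INSECURE exception name are assumptions for illustration; the "binddn" and "password" bind keys are the ones named in the LDAP-BIND-ERROR description.

```qore
#!/usr/bin/env qore
%new-style
%requires openldap

# assumed values, for illustration only
const Uri = "ldap://ldap.example.com";
const BindDn = "uid=svc-app,ou=people,dc=example,dc=com";

sub main() {
    # request TLS even though the URI scheme is plain "ldap://"
    OpenLdap::LdapClient ldap(Uri, ("starttls": True));

    # verify the transport before any credentials leave the process
    if (!ldap.isSecure())
        throw "LDAP-INSECURE", sprintf("connection to %s is not protected by TLS; refusing to bind", ldap.getUri());

    # take the password from the environment rather than from source code
    # (LDAP_BIND_PW is an assumed variable name)
    *string pw = ENV.LDAP_BIND_PW;
    if (!pw)
        throw "LDAP-INSECURE", "LDAP_BIND_PW is not set";

    try {
        # relative date/time value makes the timeout units explicit
        ldap.bind(("binddn": BindDn, "password": pw), 10s);
    } catch (hash ex) {
        # report the exception code and description, never the password
        stderr.printf("bind as %s failed: %s: %s\n", BindDn, ex.err, ex.desc);
        rethrow;
    }

    printf("bound to %s over TLS\n", ldap.getUri());
}

main();
```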
OpenLdap::LdapClient::copy | ( | ) |
Creates a new LdapClient object based on the original.
LDAP-ERROR | an error occurred copying the ldap session context |
nothing OpenLdap::LdapClient::del | ( | string | dn, |
*timeout | timeout_ms | ||
) |
delete ldap entries; if any errors occur (entry does not exist, etc), an LDAP-ERROR exception will be thrown
dn | the distinguished name of the entry to delete |
timeout_ms | an optional timeout in milliseconds (1/1000 second); if no timeout is given or a timeout of 0 is given, the default timeout for the LdapClient object is used instead; as with all Qore functions and methods taking timeout values, a relative date/time value can be used to make the units clear (e.g. 20s = twenty seconds); integers are treated as values in milliseconds, and relative date/time values have a maximum resolution of 1 millisecond |
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
LDAP-ERROR | an error occurred performing the delete operation |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |
OpenLdap::LdapClient::destructor | ( | ) |
unbinds from the LDAP server (if a connection has been established) and destroys the object
static OpenLdap::LdapClient::getInfo | ( | ) |
Returns a hash with information about the openldap library.
ApiVersion: the API version number
Protocol: the protocol number
VendorName: the vendor of the library
VendorVersion: the version of the library
Extensions: a list of extensions supported (strings)
ApiFeature: a hash with a single key; the API feature name, where the value is the feature version string
OpenLdap::LdapClient::getUri | ( | ) |
returns the URI string used to connect to the LDAP server
bool OpenLdap::LdapClient::isSecure | ( | ) |
returns True if the connection to the server is secure, False if not
True if the connection to the server is secure, False if not
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
nothing OpenLdap::LdapClient::modify | ( | string | dn, |
softlist | mods, | ||
*timeout | timeout_ms | ||
) |
modify (add, replace, delete) ldap attributes; if any errors occur (entry does not exist, etc), an LDAP-ERROR exception will be thrown
dn | the distinguished name of the entry to modify |
mods | a hash or list of hashes of modifications to make; each hash is made up of the following keys:
|
timeout_ms | an optional timeout in milliseconds (1/1000 second); if no timeout is given or a timeout of 0 is given, the default timeout for the LdapClient object is used instead; as with all Qore functions and methods taking timeout values, a relative date/time value can be used to make the units clear (e.g. 20s = twenty seconds); integers are treated as values in milliseconds, and relative date/time values have a maximum resolution of 1 millisecond |
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
LDAP-MODIFY-ERROR | invalid mod hash format; missing value for add or replace operation |
LDAP-ERROR | an error occurred performing the modify operation |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |
nothing OpenLdap::LdapClient::passwd | ( | string | dn, |
string | oldpwd, | ||
string | newpwd, | ||
*timeout | timeout_ms | ||
) |
changes the LDAP password of a user
dn | the distinguished name of the user whose password to change |
oldpwd | the old password |
newpwd | the new password |
timeout_ms | an optional timeout in milliseconds (1/1000 second); if no timeout is given or a timeout of 0 is given, the default timeout for the LdapClient object is used instead; as with all Qore functions and methods taking timeout values, a relative date/time value can be used to make the units clear (e.g. 20s = twenty seconds); integers are treated as values in milliseconds, and relative date/time values have a maximum resolution of 1 millisecond |
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
LDAP-ERROR | an error occurred performing the password change operation |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |
nothing OpenLdap::LdapClient::rename | ( | string | dn, |
string | newrdn, | ||
string | newparent, | ||
softbool | deleteoldrdn = True, | ||
*timeout | timeout_ms | ||
) |
renames entries in the Directory Information Tree
dn | the distinguished name of the entry to rename |
newrdn | the new relative distinguished name of the entry |
newparent | the distinguished name of the entry's new parent |
deleteoldrdn | if this argument is False , then the old relative distinguished name will be maintained along with the new name, if True (the default), then the old attributes are deleted |
timeout_ms | an optional timeout in milliseconds (1/1000 second); if no timeout is given or a timeout of 0 is given, the default timeout for the LdapClient object is used instead; as with all Qore functions and methods taking timeout values, a relative date/time value can be used to make the units clear (e.g. 20s = twenty seconds); integers are treated as values in milliseconds, and relative date/time values have a maximum resolution of 1 millisecond |
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
LDAP-ERROR | an error occurred performing the rename operation |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |
hash OpenLdap::LdapClient::search | ( | hash | h, |
*timeout | timeout_ms | ||
) |
performs a search on the LDAP server
h | a hash of search options with one or more of the following keys:
|
timeout_ms | an optional timeout in milliseconds (1/1000 second); if no timeout is given or a timeout of 0 is given, the default timeout for the LdapClient object is used instead; as with all Qore functions and methods taking timeout values, a relative date/time value can be used to make the units clear (e.g. 20s = twenty seconds); integers are treated as values in milliseconds, and relative date/time values have a maximum resolution of 1 millisecond |
LDAP-NO-CONTEXT | the LDAP session is not connected or the session context is not bound |
LDAP-ERROR | an error occurred performing the search |
ENCODING-CONVERSION-ERROR | this exception could be thrown if there is an error converting any string's encoding to UTF-8 before sending to the server |