LDAP client
LDAP client
(add connection dn entry)
(add connection dn entry options)
Adds an entry to the connected ldap server. The entry is assumed to be a map. The options map supports control :proxied-auth.
Adds an entry to the connected ldap server. The entry is assumed to be a map. The options map supports control :proxied-auth.
(bind? connection bind-dn password)
Performs a bind operation using the provided connection, bindDN and password. Returns true if successful.
When an LDAP connection object is used as the connection argument the bind? function will attempt to change the identity of that connection to that of the provided DN. Subsequent operations on that connection will be done using the bound identity.
If an LDAP connection pool object is passed as the connection argument the bind attempt will have no side-effects, leaving the state of the underlying connections unchanged.
Performs a bind operation using the provided connection, bindDN and password. Returns true if successful. When an LDAP connection object is used as the connection argument the bind? function will attempt to change the identity of that connection to that of the provided DN. Subsequent operations on that connection will be done using the bound identity. If an LDAP connection pool object is passed as the connection argument the bind attempt will have no side-effects, leaving the state of the underlying connections unchanged.
(close conn)
closes the supplied connection or pool object
closes the supplied connection or pool object
(compare? connection dn attribute assertion-value)
(compare? connection dn attribute assertion-value options)
Determine whether the specified entry contains a given attribute value. The options map supports control :proxied-auth.
Determine whether the specified entry contains a given attribute value. The options map supports control :proxied-auth.
(connect options)
Connects to an ldap server and returns a thread-safe LDAPConnectionPool. Options is a map with the following entries: :host Either a string in the form "address:port" OR a map containing the keys, :address defaults to localhost :port defaults to 389 (or 636 for ldaps), OR a collection containing multiple hosts used for load balancing and failover. This entry is optional. :bind-dn The DN to bind as, optional :password The password to bind with, optional :num-connections Establish a fixed size connection pool. Defaults to 1. :initial-connections Establish a connection pool initially of this size with capability to grow to :max-connections. Defaults to 1. :max-connections Define maximum size of connection pool. It must be greater than or equal to the initial number of connections, defaults to value of :initial-connections. :ssl? Boolean, connect over SSL (ldaps), defaults to false :startTLS? Boolean, use startTLS over non-SSL port, defaults to false :trust-store Only trust SSL certificates that are in this JKS format file, optional, defaults to trusting all certificates :connect-timeout The timeout for making connections (milliseconds), defaults to 1 minute :timeout The timeout when waiting for a response from the server (milliseconds), defaults to 5 minutes
Connects to an ldap server and returns a thread-safe LDAPConnectionPool. Options is a map with the following entries: :host Either a string in the form "address:port" OR a map containing the keys, :address defaults to localhost :port defaults to 389 (or 636 for ldaps), OR a collection containing multiple hosts used for load balancing and failover. This entry is optional. :bind-dn The DN to bind as, optional :password The password to bind with, optional :num-connections Establish a fixed size connection pool. Defaults to 1. :initial-connections Establish a connection pool initially of this size with capability to grow to :max-connections. Defaults to 1. :max-connections Define maximum size of connection pool. It must be greater than or equal to the initial number of connections, defaults to value of :initial-connections. :ssl? Boolean, connect over SSL (ldaps), defaults to false :startTLS? Boolean, use startTLS over non-SSL port, defaults to false :trust-store Only trust SSL certificates that are in this JKS format file, optional, defaults to trusting all certificates :connect-timeout The timeout for making connections (milliseconds), defaults to 1 minute :timeout The timeout when waiting for a response from the server (milliseconds), defaults to 5 minutes
(delete connection dn)
(delete connection dn options)
Deletes the given entry in the connected ldap server. Optionally takes a map that can contain: :pre-read A set of attributes that should be read before deletion (only applied to base entry if used with :delete-subtree) :proxied-auth The dn:<dn> or u:<uid> to be used as the authorization identity when processing the request. :delete-subtree If truthy, deletes the entire subtree of DN (server must support Subtree Delete Control, 1.2.840.113556.1.4.805)
Deletes the given entry in the connected ldap server. Optionally takes a map that can contain: :pre-read A set of attributes that should be read before deletion (only applied to base entry if used with :delete-subtree) :proxied-auth The dn:<dn> or u:<uid> to be used as the authorization identity when processing the request. :delete-subtree If truthy, deletes the entire subtree of DN (server must support Subtree Delete Control, 1.2.840.113556.1.4.805)
(get connection dn)
(get connection dn attributes)
(get connection dn attributes byte-valued)
If successful, returns a map containing the entry for the given DN. Returns nil if the entry doesn't exist or cannot be read. Takes an optional collection that specifies which attributes will be returned from the server.
If successful, returns a map containing the entry for the given DN. Returns nil if the entry doesn't exist or cannot be read. Takes an optional collection that specifies which attributes will be returned from the server.
(get-connection pool)
Returns a connection from the LDAPConnectionPool object. This approach is only needed when a sequence of operations must be performed on a single connection. For example: get-connection, bind?, modify (as the bound user). The connection should be released back to the pool after use.
Returns a connection from the LDAPConnectionPool object. This approach is only needed when a sequence of operations must be performed on a single connection. For example: get-connection, bind?, modify (as the bound user). The connection should be released back to the pool after use.
(modify connection dn modifications)
(modify connection dn modifications options)
Modifies an entry in the connected ldap server. The modifications are a map in the form: {:add {:attribute-a some-value :attribute-b [value1 value2]} :delete {:attribute-c :all :attribute-d some-value :attribute-e [value1 value2]} :replace {:attibute-d value :attribute-e [value1 value2]} :increment {:attribute-f value} :pre-read #{:attribute-a :attribute-b} :post-read #{:attribute-c :attribute-d}}
Where :add adds an attribute value, :delete deletes an attribute value and :replace replaces the set of values for the attribute with the ones specified. The entries :pre-read and :post-read specify attributes that have be read and returned either before or after the modifications have taken place.
Modifies an entry in the connected ldap server. The modifications are a map in the form: {:add {:attribute-a some-value :attribute-b [value1 value2]} :delete {:attribute-c :all :attribute-d some-value :attribute-e [value1 value2]} :replace {:attibute-d value :attribute-e [value1 value2]} :increment {:attribute-f value} :pre-read #{:attribute-a :attribute-b} :post-read #{:attribute-c :attribute-d}} Where :add adds an attribute value, :delete deletes an attribute value and :replace replaces the set of values for the attribute with the ones specified. The entries :pre-read and :post-read specify attributes that have be read and returned either before or after the modifications have taken place.
(modify-password connection new)
(modify-password connection old new)
(modify-password connection old new dn)
Creates a new password modify extended request that will attempt to change the password of the currently-authenticated user, or another user if their DN is provided and the caller has the required authorisation.
Creates a new password modify extended request that will attempt to change the password of the currently-authenticated user, or another user if their DN is provided and the caller has the required authorisation.
(modify-rdn connection dn new-rdn delete-old-rdn)
(modify-rdn connection dn new-rdn delete-old-rdn options)
Modifies the RDN (Relative Distinguished Name) of an entry in the connected ldap server.
The new-rdn has the form cn=foo or ou=foo. Using just foo is not sufficient. The delete-old-rdn boolean option indicates whether to delete the current RDN value from the target entry. The options map supports pre/post-read and proxied-auth controls.
Modifies the RDN (Relative Distinguished Name) of an entry in the connected ldap server. The new-rdn has the form cn=foo or ou=foo. Using just foo is not sufficient. The delete-old-rdn boolean option indicates whether to delete the current RDN value from the target entry. The options map supports pre/post-read and proxied-auth controls.
(release-connection pool connection)
Returns the original connection pool with the provided connection released and reauthenticated.
Returns the original connection pool with the provided connection released and reauthenticated.
(search connection base)
(search connection base options)
Runs a search on the connected ldap server, reads all the results into memory and returns the results as a sequence of maps.
Runs a search on the connected ldap server, reads all the results into memory and returns the results as a sequence of maps.
(search! connection base f)
(search! connection base options f)
Runs a search on the connected ldap server and executes the given function (for side effects) on each result. Does not read all the results into memory.
Runs a search on the connected ldap server and executes the given function (for side effects) on each result. Does not read all the results into memory.
(search-all connection base)
(search-all connection base options)
Uses SimplePagedResultsControl to search on the connected ldap server, and returns the results as a lazy sequence of maps.
Uses SimplePagedResultsControl to search on the connected ldap server, and returns the results as a lazy sequence of maps.
(who-am-i connection)
Return the authorization identity associated with this connection.
Return the authorization identity associated with this connection.
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close