clj-ldap.client
LDAP client
LDAP client
addclj
(add connection dn entry)Adds an entry to the connected ldap server. The entry is assumed to be a map.
Adds an entry to the connected ldap server. The entry is assumed to be a map.
bind?clj
(bind? connection bind-dn password)Performs a bind operation using the provided connection, bindDN and password. Returns true if successful.
When an LDAP connection object is used as the connection argument the bind? function will attempt to change the identity of that connection to that of the provided DN. Subsequent operations on that connection will be done using the bound identity.
If an LDAP connection pool object is passed as the connection argument the bind attempt will have no side-effects, leaving the state of the underlying connections unchanged.
Performs a bind operation using the provided connection, bindDN and password. Returns true if successful. When an LDAP connection object is used as the connection argument the bind? function will attempt to change the identity of that connection to that of the provided DN. Subsequent operations on that connection will be done using the bound identity. If an LDAP connection pool object is passed as the connection argument the bind attempt will have no side-effects, leaving the state of the underlying connections unchanged.
connectclj
(connect options)Connects to an ldap server and returns a thread-safe LDAPConnectionPool. Options is a map with the following entries: :host Either a string in the form "address:port" OR a map containing the keys, :address defaults to localhost :port defaults to 389 (or 636 for ldaps), OR a collection containing multiple hosts used for load balancing and failover. This entry is optional. :bind-dn The DN to bind as, optional :password The password to bind with, optional :num-connections The number of connections in the pool, defaults to 1 :ssl? Boolean, connect over SSL (ldaps), defaults to false :cipher-suites An optional set of strings corresponding to SSL cipher suites, defaults to nil :ssl-protocols An optional set of strings corresponding to SSL protocols. TLSv1.3, TLSv1.2, TLSv1.1, & TLSv1 are supported options, defaults to nil :start-tls? Boolean, use startTLS to initiate TLS on an otherwise unsecured connection, defaults to false. :trust-store Only trust SSL certificates that are in this JKS format file, optional, defaults to trusting all certificates :trust-managers An optional TrustManager array to be used in place of a temporary keystore to create an SSLSocketFactory. :verify-host? Verifies the hostname of the specified certificate, false by default. :wildcard-host? Allows wildcard in certificate hostname verification, false by default. :connect-timeout The timeout for making connections (milliseconds), defaults to 1 minute :timeout The timeout when waiting for a response from the server (milliseconds), defaults to 5 minutes
Connects to an ldap server and returns a thread-safe LDAPConnectionPool.
Options is a map with the following entries:
:host Either a string in the form "address:port"
OR a map containing the keys,
:address defaults to localhost
:port defaults to 389 (or 636 for ldaps),
OR a collection containing multiple hosts used for load
balancing and failover. This entry is optional.
:bind-dn The DN to bind as, optional
:password The password to bind with, optional
:num-connections The number of connections in the pool, defaults to 1
:ssl? Boolean, connect over SSL (ldaps), defaults to false
:cipher-suites An optional set of strings corresponding to SSL
cipher suites, defaults to nil
:ssl-protocols An optional set of strings corresponding to SSL
protocols. TLSv1.3, TLSv1.2, TLSv1.1, & TLSv1 are
supported options, defaults to nil
:start-tls? Boolean, use startTLS to initiate TLS on an otherwise
unsecured connection, defaults to false.
:trust-store Only trust SSL certificates that are in this
JKS format file, optional, defaults to trusting all
certificates
:trust-managers An optional TrustManager array to be used in place of
a temporary keystore to create an SSLSocketFactory.
:verify-host? Verifies the hostname of the specified certificate,
false by default.
:wildcard-host? Allows wildcard in certificate hostname verification,
false by default.
:connect-timeout The timeout for making connections (milliseconds),
defaults to 1 minute
:timeout The timeout when waiting for a response from the server
(milliseconds), defaults to 5 minutes
deleteclj
(delete connection dn)(delete connection dn options)Deletes the given entry in the connected ldap server. Optionally takes a map that can contain the entry :pre-read to indicate the attributes that should be read before deletion.
Deletes the given entry in the connected ldap server. Optionally takes a map that can contain the entry :pre-read to indicate the attributes that should be read before deletion.
getclj
(get connection dn)(get connection dn attributes)If successful, returns a map containing the entry for the given DN. Returns nil if the entry doesn't exist or cannot be read. Takes an optional collection that specifies which attributes will be returned from the server.
If successful, returns a map containing the entry for the given DN. Returns nil if the entry doesn't exist or cannot be read. Takes an optional collection that specifies which attributes will be returned from the server.
modifyclj
(modify connection dn modifications)Modifies an entry in the connected ldap server. The modifications are a map in the form: {:add {:attribute-a some-value :attribute-b [value1 value2]} :delete {:attribute-c :all :attribute-d some-value :attribute-e [value1 value2]} :replace {:attibute-d value :attribute-e [value1 value2]} :increment {:attribute-f value} :pre-read #{:attribute-a :attribute-b} :post-read #{:attribute-c :attribute-d}}
Where :add adds an attribute value, :delete deletes an attribute value and :replace replaces the set of values for the attribute with the ones specified. The entries :pre-read and :post-read specify attributes that have be read and returned either before or after the modifications have taken place.
Modifies an entry in the connected ldap server. The modifications are
a map in the form:
{:add
{:attribute-a some-value
:attribute-b [value1 value2]}
:delete
{:attribute-c :all
:attribute-d some-value
:attribute-e [value1 value2]}
:replace
{:attibute-d value
:attribute-e [value1 value2]}
:increment
{:attribute-f value}
:pre-read
#{:attribute-a :attribute-b}
:post-read
#{:attribute-c :attribute-d}}
Where :add adds an attribute value, :delete deletes an attribute value and
:replace replaces the set of values for the attribute with the ones specified.
The entries :pre-read and :post-read specify attributes that have be read and
returned either before or after the modifications have taken place.modify-passwordclj
(modify-password connection new)(modify-password connection old new)(modify-password connection old new dn)Creates a new password modify extended request that will attempt to change the password of the currently-authenticated user, or another user if their DN is provided and the caller has the required authorisation.
Creates a new password modify extended request that will attempt to change the password of the currently-authenticated user, or another user if their DN is provided and the caller has the required authorisation.
modify-rdnclj
(modify-rdn connection dn new-rdn delete-old-rdn)Modifies the RDN (Relative Distinguished Name) of an entry in the connected ldap server.
The new-rdn has the form cn=foo or ou=foo. Using just foo is not sufficient. The delete-old-rdn boolean option indicates whether to delete the current RDN value from the target entry.
Modifies the RDN (Relative Distinguished Name) of an entry in the connected ldap server. The new-rdn has the form cn=foo or ou=foo. Using just foo is not sufficient. The delete-old-rdn boolean option indicates whether to delete the current RDN value from the target entry.
searchclj
(search connection base)(search connection base options)Runs a search on the connected ldap server, reads all the results into memory and returns the results as a sequence of maps.
Options is a map with the following optional entries: :scope The search scope, can be :base :one or :sub, defaults to :sub :filter A string describing the search filter, defaults to "(objectclass=*)" :attributes A collection of the attributes to return, defaults to all user attributes
Runs a search on the connected ldap server, reads all the results into
memory and returns the results as a sequence of maps.
Options is a map with the following optional entries:
:scope The search scope, can be :base :one or :sub,
defaults to :sub
:filter A string describing the search filter,
defaults to "(objectclass=*)"
:attributes A collection of the attributes to return,
defaults to all user attributessearch!clj
(search! connection base f)(search! connection base options f)Runs a search on the connected ldap server and executes the given function (for side effects) on each result. Does not read all the results into memory.
Options is a map with the following optional entries: :scope The search scope, can be :base :one or :sub, defaults to :sub :filter A string describing the search filter, defaults to "(objectclass=*)" :attributes A collection of the attributes to return, defaults to all user attributes :queue-size The size of the internal queue used to store results before they are passed to the function, the default is 100
Runs a search on the connected ldap server and executes the given
function (for side effects) on each result. Does not read all the
results into memory.
Options is a map with the following optional entries:
:scope The search scope, can be :base :one or :sub,
defaults to :sub
:filter A string describing the search filter,
defaults to "(objectclass=*)"
:attributes A collection of the attributes to return,
defaults to all user attributes
:queue-size The size of the internal queue used to store results before
they are passed to the function, the default is 100search-allclj
(search-all connection base)(search-all connection base options)Runs a search on the connected ldap server, reads all the results into memory and returns the results as a sequence of maps.
Options is a map with the following optional entries: :scope The search scope, can be :base :one or :sub, defaults to :sub :filter A string describing the search filter, defaults to "(objectclass=*)" :attributes A collection of the attributes to return, defaults to all user attributes
Runs a search on the connected ldap server, reads all the results into
memory and returns the results as a sequence of maps.
Options is a map with the following optional entries:
:scope The search scope, can be :base :one or :sub,
defaults to :sub
:filter A string describing the search filter,
defaults to "(objectclass=*)"
:attributes A collection of the attributes to return,
defaults to all user attributesssl-protocol-mappingclj
(ssl-protocol-mapping ssl-protocols)Converts user protocol settings into valid string constants
Converts user protocol settings into valid string constants
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close