
Monday, October 27, 2014

Configuring and Using LDAP In SOA

Introduction:

     Today I will explain how to configure an LDAP connection in Oracle SOA Suite and create an LDAP adapter to add, search, and compare entries in LDAP from a BPEL process. We'll use the compare operation along with a Java Embedding component that includes an SSHA digest operation to authenticate a user through LDAP. First, however, let's see how to enable the LdapAdapter in the SOA Suite environment using the application console, and how to build an LDAP environment with Apache Directory Studio to use in our examples.

Configure the Application Console to Use Ldap:

     Open http://localhost:7101/console in your browser after starting the integrated WebLogic server. Enter the credentials you specified during the installation, and click 'Deployments' in the left menu. Find the LdapAdapter in the Deployments list, as in Figure 1.

Figure 1

Then go to the Targets tab and check DefaultServer to target the LdapAdapter to your default server. See Figure 2.

Figure 2

Next, go to Configuration -> Outbound Connection Pools and choose one of the JNDI configurations, say eis/ldap/master. Then configure the JNDI properties, specifying bindDN, hostName, password and port. See Figures 3 and 4.

Figure 3

Figure 4

Install and Configure Apache Directory Studio:

     Download and install Apache Directory Studio from the link below.
http://directory.apache.org/studio/download/download-windows.html
Open Directory Studio and start the ApacheDS server. We'll create the users under the ou=users,ou=system directory. The default password type will be SSHA. You can see the LDAP Browser view in Apache Directory Studio's schema editor.

Figure 5

Create the SOA Project to Achieve Add Ldap Operation:
   
     To add an entry to LDAP we have to assign the dn, cn, sn, uid and userPassword properties. So, let's create a synchronous BPEL process that has an XSD file with these properties, as in Figure 6.

Figure 6

Dn is the 'Distinguished Name' that identifies the user's entry in the entire LDAP environment. Cn is the 'Common Name', sn is the 'Surname', uid is the 'User Identifier' and userPassword is the 'Password' field.
Now, create an LDAP adapter by right-clicking the External References part of your composite page and rename it, as in Figure 7.

Figure 7

On the next page, click the plus sign, create an LDAP connection, and test it by entering the connection properties, as in Figure 8.

Figure 8


On the next page of the wizard, choose the JNDI name eis/ldap/master that we configured in the application console. See Figures 9 and 10.

Figure 9

Figure 10

Choose the Add operation on the next page, then choose the object classes 'inetOrgPerson' and 'person' and their attributes cn, sn, uid and userPassword to insert, as in Figures 11 and 12.

Figure 11

Figure 12

After completing the LDAP adapter wizard, you will get the XSD file shown in Figure 13 for the input of the LDAP add operation, and the final composite will look like Figure 14. Also see how to configure the input variable of the LDAP component in Figures 15 and 16.

Figure 13

Figure 14

Figure 15

Figure 16

Example input and output of this BPEL process can be seen in Figure 17.

Figure 17

You can see the added user in the LDAP schema editor, as in Figure 18.

Figure 18

Create the SOA Project to Achieve Search Ldap Operation:

    To search for an entry in LDAP we have to define a baseDN and a searchFilter. Create a synchronous BPEL process that has just a uid in its XSD, create an LDAP adapter in the composite page, rename it and choose the Search operation. See Figure 19.

Figure 19

On the next page choose the default search base and the default search filter, then choose the response objects and the attributes that you want the operation to return, as in Figures 20 and 21. We just want to return the userPassword attribute of the person object.

Figure 20

Figure 21

At the end we get the following composite.

Figure 22

This time choose both input and output variables in the invoke component of the search operation, as in Figure 23, and drag and drop two assign activities, one after the receiveInput component and one after the invokeForSearch component, for the search and return values respectively. See Figures 24, 25 and 26. In Figure 24, you can see we just use the concat function to build a search filter in the format 'uid=testUser'.

Figure 23

Figure 24

Figure 25

The final bpel process will be the following.

Figure 26

Example input and output of this BPEL process can be seen in Figure 27.

Figure 27

Create the SOA Project to Achieve Compare Ldap Operation to Use in Authentication:

     We'll now use an LDAP Compare operation to authenticate a user. First, create a BPEL process with an XSD file that has two input variables, uid and userPassword.

Figure 28

Create an LDAP adapter with the compare operation, as in Figure 29.

Figure 29

Define the input and output variables of the compare invoke component.

Figure 30

Since the password is kept as an SSHA digest value in the LDAP server, we have to obtain the digest of the user password before comparing it. SSHA is an acronym for Salted Secure Hash Algorithm and is used to obtain a more secure digest value with the help of a salt value. We'll use a Java Embedding component to get the SSHA digest of the password input, and use the digest of the password and the uid together to authenticate a user. We'll need sun.misc.Base64Decoder.jar, so obtain it from the internet if you don't have it. Then put Base64Decoder.jar in the $PROJECT_DIR\SOA\SCA-INF\lib folder and add the jar file to the classpath from Project Properties -> Libraries and Classpath. See Figure 31.

Figure 31

We need to get the salt value that is used in the LDAP server. Look for the password editor in Apache Directory Studio to get the salt value. We'll use it in our SSHA class.

Figure 32

Now, create a Java class named SSHA, as in Figure 33.

Figure 33

We can then use this class in our Java Embedding code. Drag and drop a Java Embedding component after the receiveInput component and type the following code in it.

Figure 34

Remember to add the required imports for the XMLElement and SSHA classes to the BPEL source using the import tag.

Now, drag and drop two assign activities, one after the Java Embedding component and one after the InvokeForCompare component, to set the compare and result values respectively. The assign activity for the InvokeForCompare component can be seen in Figure 32. We use the concat function to set the dn attribute of the compare request in the form 'uid=testUser,ou=users,ou=system', set the name to 'userPassword', and set the value from the result of the Java Embedding component.

Figure 35

The final bpel process for the Compare ldap operation will be the following.

Figure 36

The possible inputs and outputs of this BPEL process can be seen in Figures 37 and 38. You can also see the return value in the debug screen in Figure 39.

Figure 37

Figure 38

Figure 39

Conclusion:

     I have tried to explain the usage of LDAP in SOA Suite using the add, search and compare operations of the BPEL LDAP adapter. Before that, we saw how to configure the LDAP adapter in the application console and how to install and configure Apache Directory Studio. In the compare example we saw how to authenticate a user with the help of a Java Embedding that includes an SSHA digester class. To test and debug the projects developed in this article, you can see the details of debugging and testing a project in this post.

You can download the source code from here.

27 comments:

  1. Hi, thanks for the great share. Can you please describe the modify option in the LDAP adapter? Thanks in advance.
