2.1 - Connection and disconnection

LDAP is a protocol which requires the user to be connected - and likely identified - in order to be able to send requests to the server. We maintain this connection potentially forever. What make the LDAP protocol different from, say, the HTTP protocol is that the connection must be issued explicitly. Let's see how we do that.

Opening a connection

We can open a secure or a standard connection.

Standard connection

We can first establish a standard connection, where the data are sent and received in clear text (encoded in ASN.1 BER, but still not encrypted). This example expose the way it's done :

LdapConnection connection = new LdapNetworkConnection( "localhost", 389 );

Here, we just created an unsafe connection locally, using the 389 port. Quite simple...

Secure connection

Although the LDAPS (LDAP over SSL) is now considered as deprecated, many people continue to use it. The big advantage of not using LDAPS is that you don't need to setup two different listening ports (one for LDAP -389- and another one for LDAPS -636- ).

The only difference with the previous example is that we have to tell the connection that it has to use SSL, by passing true as a third parameter (incidentally, passing false set a unsafe connection).

Here is an example

LdapConnection connection = new LdapNetworkConnection( "localhost", 636, true );

Maintaining the connection opened

We keep the connection opened for a limited period of time, defaulting to 30 seconds. This might be not long enough, so one can change this delay by calling the setTimeOut() method :

LdapConnection connection = new LdapNetworkConnection( "localhost", 389 );
connection.setTimeOut( 0 );

Note: Setting a value equal or below 0 will keep the connection opened for ever (or a soon as the connection is not explicitly closed).

Closing the connection

Once you don't need to use the connection anymore (remember that hodling a connection keeps a session opened on the server, and a socket opened between the client and the server), then you have to close it. This is done by calling the close() method :

LdapConnection connection = new LdapNetworkConnection( "localhost", 389 );

Using a pool of connections

Creating a connection is expensive. If you are to reuse a connection over and over, or if you are writing an application that will need many LDAP conenctions, you may want to use a pool of connections.

This is slightly more complex than simply opening a new connection, as you have a lot of parametrs that can come into play when creating a pool. Here is an example of creation of a pool of connections :

LdapConnectionConfig config = new LdapConnectionConfig();
config.setLdapHost( "localhost" );
config.setLdapPort( 389 );
config.setName( "uid=admin,ou=system" );
config.setCredentials( "secret" );
PoolableLdapConnectionFactory factory = new PoolableLdapConnectionFactory( config );
LdapConnectionPool pool = new LdapConnectionPool( factory );
pool.setTestOnBorrow( true );

Here, we just have created a pool of connections which all are unthenticated using the administrator user. You can create anonymous connections, it's just a matter of not setting any name or credentials in the config.