Skip to main content

MuleSoft LDAP Connector With Example


As we all know, the Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. A common use of LDAP is to provide a central place to store usernames and passwords. This allows many different applications and services to connect to the LDAP server to validate users. This has a major benefit that allows a central place to update and change user passwords.

With MuleSoft’s LDAP Connector, we can access and maintain directory information services over an IP network by connecting to any LDAP server. LDAP Connector is developed by MuleSoft's developer community and it is categorized as Community Connectors. Latest LDAP Connector documentation is available here. Unfortunately, the information and examples of this connector are limited and scattered all over the web.

Today, I am trying to cover as many details as possible, of course with an example, and right from installing LDAP Connector in Anypoint Studio. First, let's see the LDAP server that we are going to use for this example. We will be using "Online LDAP Test Server" as we do not have to setup any LDAP server locally. This will eliminate the need for us to download, install and configure an LDAP server for testing as it has some test data as well.

Connection Details LDAP Connector - Online LDAP Test Server
Principal DN cn=read-only-admin,dc=example,dc=com
Password password
URL ldap://ldap.forumsys.com
Base DN dc=example,dc=com

JXplorer is a cross platform LDAP browser and editor. This wonderful LDAP client can be used to search, read and edit any standard LDAP directory. Connecting to "Online LDAP Test Server" from this client is very easy. Below details can be used for connection:

Connection Details - JXplorer Client
User DN cn=read-only-admin,dc=example,dc=com
Password password
Host ldap://ldap.forumsys.com
Base DN dc=example,dc=com

Let's now see how to install LDAP Connector in Anypoint Studio and create a sample project to search the data from "Online LDAP Test Server".

Step 1. Install LDAP Connector in Anypoint Studio

In this step, we will install LDAP Connector. To install the connector in Anypoint Studio, go to Help --> Install New Software and select "Anypoint Connectors Update Site - http://repository.mulesoft.org/connectors/releases/3.5.0" option.



Step 2. Install mule-module-ldap-1.3.1.jar file

Technically, you can add following dependency in you Mule Project pom.xml file but you may still get an error while running the project with LDAP configuration. The error message will be something like "Invalid content found starting with ldap:...."

To resolve this issue, the simplest trick is to copy mule-module-ldap-1.3.1.jar file in following location. Please note that I am using mule embedded server version 3.7.3 but you could be using different version of embedded mule server. Please make sure you restart "Anypoint Studio" after placing the jar file in "user" directory.

Jar File mule-module-ldap-1.3.1.jar
Copy To Location AnypointStudio/plugins/org.mule.tooling.server.3.7.3.ee_5.4.0.201511251736/mule/lib/user

Step 3. Create Mule Project and Mule Flow

Let's create new Mule Project and create Mule Flow as below.


Mule Flow XML:


Step 4. Run Mule Project and Validate

This is a final step to run the Mule Project and validate if our code is working as expected. I am going to use "DHC REST Client" chrome extension for sending GET requests to our Mule HTTP Connector configured above. Let's cover FOUR very basic test cases and verify the results. There is one more thing to note here. Sometimes, LDAP Connection will be timed out due to some network connection and since in this basic example we are not having Exception Strategy defined, the error will be thrown in console. Just try to send same request couple of times, and you will get successful results back.

Case A. HTTP GET Request without "uid" query parameter

We will first trigger HTTP GET Request without "uid" query parameter. We have a choice block to check if "uid" query parameter is available or not. If this parameter is not available, then we will just print a log message in console stating "LdapSearch : Request received without UID parameter". Please note that, we are not sending any HTTP Status code or response back. So you will see HTTP Status Code as 200 in DHC REST Client.

HTTP GET: http://localhost:8081/ldapsearch
Result: LdapSearch : Request received without UID parameter

Case B. HTTP GET Request with "uid" query parameter but no data found

We will first trigger HTTP GET Request with "uid" query parameter. If this parameter is available, then we will connect to LDAP Server and invoke "search" operation using MuleSoft LDAP Connector. Since the search returned empty results i.e. data for requested "uid" is not available, we will see log message as "LdapSearch : Result : []" in console and HTTP Status Code as 200 in DHC REST Client.

HTTP GET: http://localhost:8081/ldapsearch?uid=123
Result: LdapSearch : Result : []

Case C. HTTP GET Request with "uid" query parameter and data is returned

We will first trigger HTTP GET Request with "uid" query parameter. If this parameter is available, then we will connect to LDAP Server and invoke "search" operation using MuleSoft LDAP Connector. Since the search returned valid result i.e. data for requested "uid" is available, we will see following log message in console and HTTP Status Code as 200 in DHC REST Client.

HTTP GET: http://localhost:8081/ldapsearch?uid=euler
Result:
LdapSearch : Result : [dn: uid=euler,dc=example,dc=com
uid: euler
mail: euler@ldap.forumsys.com
sn: Euler
cn: Leonhard Euler
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
]

Case D. HTTP GET Request with “uid” query parameter and multiple results returned

We will first trigger HTTP GET Request with “uid” query parameter. If this parameter is available, then we will connect to LDAP Server and invoke “search” operation using MuleSoft LDAP Connector. Since the search returned valid results i.e. multiple results for requested “uid” is available, we will see following log message in console and HTTP Status Code as 200 in DHC REST Client.

HTTP GET: http://localhost:8081/ldapsearch?uid=e*
Result:
LdapSearch : Result : [dn: uid=einstein,dc=example,dc=com
uid: einstein
mail: einstein@ldap.forumsys.com
sn: Einstein
cn: Albert Einstein
telephoneNumber: 314-159-2653
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top,

dn: uid=euler,dc=example,dc=com
uid: euler
mail: euler@ldap.forumsys.com
sn: Euler
cn: Leonhard Euler
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top,

dn: uid=euclid,dc=example,dc=com
uid: euclid
mail: euclid@ldap.forumsys.com
sn: Euclid
cn: Euclid
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
]


P.S. Click here to access my other posts.

Comments

  1. This information is really awesome thanks for sharing most valuable information.
    Mulesoft Online Training

    ReplyDelete
  2. Thanks for sharing such useful information with us to get some idea about that content.
    Mulesoft Online Training
    Mulesoft Training in Hyderabad

    ReplyDelete
  3. I like your post very much. It is very much useful for my research. I hope you to share more info about this. Keep posting mulesoft online training

    ReplyDelete
  4. Thanks for sharing useful information.. we have learned so much information from your blog..
    Mulesoft Training in Hyderabad
    Mulesoft Online Training

    ReplyDelete
  5. This comment has been removed by the author.

    ReplyDelete
  6. Excellent blog I visit this blog it's really awesome. The important thing is that in this blog content written clearly and understandable. The content of information is very informative. We are also providing the best services click on below links to visit our website.
    Oracle Fusion HCM Training
    Workday Training
    Okta Training
    Palo Alto Training
    Adobe Analytics Training

    ReplyDelete
  7. Thank you for sharing such a nice and interesting blog with us.
    Mulesoft Online Course
    Mule ESB Training

    ReplyDelete

Post a Comment

Popular posts from this blog

Postman - Set Timeout / Think Time / Pause / Delay

Those who are involved in API or web service development should be knowing about Postman , it is one of the most popular tools to build API requests and test them. Collection Runner is one of the feature of Postman . You can create one or more requests and group them in Collection, and as name suggests, you can run the entire collection i.e. series or requests. What if you need to add "Think Time" or "Delay" or "Pause" between two requests? It is surely possible, here are some options: Using Collection Runner GUI This option will be applicable to all the requests in the collection In the Collection Runner window, enter value for Delay in milliseconds Using Command Line This option will be applicable to all the requests in the collection Newman is a comman line collection runner for Postman Command To Execute: newman run <collection-file-source> --delay-request [number] Click here to get the details about Newman Newman installation

How to Extract Values from Response Header in JMeter?

JMeter is a powerful tool for API testing. Let's say you are are writing test cases for one of your RESTful service; and you want to extract and validate the value returned as part of response header. It is little bit tricky to extract the value from Response Header in JMeter , but it is possible. For example, your RESTful service returns "ETag" in response header. When you look at the raw response data, the value is displayed something like this: ETag: 2666d92fa9ebf10250acdb235546f045 To exact value of this reaponse header in JMeter: Right click on your HTTP request, then add Post Processor element - Regular Expression Extractor Select Radio button - Main sample only Select Radio burron - Response Headers Type some name in Reference Name section - for example, eTagVariable Type this expression in Reference Expression section - ETag:\s+(.+) IMPORTANT: This expression will select pick the ETag response header parameter and select everything after colon bla

Setup OpenLDAP on MAC

macOS (Mac OS X or OS X) is the current series of Unix-based graphical operating systems developed and marketed by Apple Inc . designed to run on Apple's Macintosh computers ("Macs"). Within the market of desktop, laptop and home computers, and by web usage, it is the second most widely used desktop OS after Microsoft Windows . Recently, while working on one of my projects, there was a requiremnt to integrate our system with LDAP i.e. Lightweight Directory Access Protocol ( LDAP ). So, I wanted to try out some samples by installing OpenLDAP on my MAC. Initially, it looked streightforward but later I realized that there are multiple steps involved to get OpenLDAP up and running in my Mac. So, I thought of documenting various steps so that others can refer them. What do you need to begin? MAC Obviously you need MAC because these steps will work only for MAC (Sorry Windows users) Homebrew This is a package manager for macOS. Click here and follow the instructio

MuleSoft - Static IP Addresses and Multiple Workers

Did you just realize that your Mule Application requires horizontal scalling ? Well, thats easy - just go to CloudHub Runtime Manager, select your application and change the "Workers" count from 1 to either 2, 3 or 4. If numbers are grayed out, then you might have to adjust the "Worker Size", or purchase additional capacity from MuleSoft. So, what is the issue then? At the time of the blog post, based on Mule documentation, if you are using only 1 worker and if you want to apply static IP, then you can simply navigate to "Static IPs" section in Runtime Manager and allocate the static IP address. The issue is when you want to apply Static IP addresses for more than 1 workers for various reasons including IP whitelisting. Based on Mule documentation you cannot apply static IPs if you are using more than 1 worker. From Mule Documentation: "Static IPs are not supported for private IP addresses inside a CloudHub VPC and it is only supported for app

Sublime Text 3 - Pertty Format JSON

You must be looking for some easy options to pretty format JSON data. Well, there are many websites which provides this capability and you can pretty format JSON data in browser. I use Sublime Text 3 text editor, and I was trying to see if I can pretty format JSON within the text editor itself. You can follow these simple steps: Open Sublime Text 3 text editor If you are using MAC OS Press Command + Shift + P Then select "Install Package" Search for "Pretty JSON" Install If you are using Windows OS Press CTRL + Shift + P Then select "Install Package" Search for "Pretty JSON" Install Once the installation is complete, select JSON string If you are using MAC OS Press Command + Control + J If you are using Windows OS Press CTRL + ALT + J Thats it! Now you don't have to copy your JSON string from Sublime Text 3, paste in your browser, format it, then copy formatted JSON from browser and paste it back in your Sublime

Access GitHub Repositories with SourceTree and 2FA (2 Factor Authentication)

Many developers and organizations use GitHub as code repository. Similarly, many prefer to commit code in GitHub repositories using various commands. I personally think that using any kind of user interface for committing code and performing various GIT operations is much more simpler and productive. SourceTree is one such Atlassian product. SourceTree is a free Git client and provides beautiful GUI that offers a visual representation for various Git repositories. For added security, you can enable 2FA (i.e. 2 Factor Authentication) for your GitHub account. Configuring GitHub with SourceTree is very very simple. Here are the steps on MAC OS (steps on Windows OS are similar): If you have not enabled 2FA: Open SourceTree and go to Preferences Select Accounts Click on Add button to add account On the pop-up window, select Host as "GitHub" Select Auth Type as "Basic" Type your GitHub username (not email) Type your password Select Protocol as HTTPS

MuleSoft - JSON Schema Validation with Dynamic Schema Location

While working on a Mule Application project, if you a planning to validate JSON payload against some JSON schema , and more importantly if you want to pass schema location dynamically, then this post will be benificial for you. Mule provides JSON Schema Validator as out of the box feature. From mule documentation , evaluates JSON payloads at runtime and verifies that they match a referenced JSON schema. You can match against schemas that exist in a local file or in an external URI. If the validation fails, an exception is raised with feedback about what went wrong and a reference to the original invalid payload. Above code works but here is the catch, in my scenario, the schema location was dynamic. Let's say the schema location is present in the database. Once the schema location value is retrieved from database, it is stored in a flow variable. For simplicity, I am creating a flow variable with hard-coded value. In actual application, the flow variable value will be the va

Mule SFTP and PGP Encryption

Many companies use standard protocols such as FTP and SFTP to transfer files to external partner and receive files from external partners. Using FTP and SFTP provides simple to use and low cost platform for file exchange. In some business scenarios, companies may have to exchange sensitive information such as employee’s personal information, expense reports, payment information etc. Mule has the ability to encrypt a message payload, or part of a payload, using Pretty Good Privacy ( PGP ). PGP combines data compression and data encryption to secure messages. The compression reduces message transmission time between origin and destination. There are two scenarios that this document addresses: Using another party’s public key to encrypt a messages in a Mule application Using one’s own set of private and public keys so as to accept, and decrypt messages in a Mule application. What is Pretty Good Privacy (PGP)? Pretty Good Privacy ( PGP ) is a data encryption and decryption

Run JMeter Tests with Maven

In this article, I will be focusing on configuring JMeter with Maven but lets first understand some basics of JMeter and Maven. The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior and measure performance. These days, performance testing is very very important especially when the applications are targeting large number of users. There are many tools available in market, some are paid, some are free. Apache JMeter is one such free and open source software. Though JMeter's was initially developed for load testing web applications, it is now far more advanced. The biggest advantage of the JMeter is that it can do many things like performance and functional testing for web services, databases, FTPs or Web Servers, LDAP, JMS, trigger emails/notifications. Most of these features are implemented with plugins. JMeter is powerful, easy to install and use and FREE! It is a Java desktop application with simple us