Title: Five Minute Tutorial Notice: Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. # Five Minute Tutorial ## Introduction > *Warning*: This is a very preliminary tutorial, the user must be informed that the current implementation will evolve a **lot** in the near future. So will the tutorial, hopefully... This new API has been created in order to offer a better API than what we currently use, namely JNDI or older API like LdapSDK or jldap. It benefits from some improvements brought by **ApacheDS** and **OpenDS**. This 5-minutes tutorial will present the way to use this API when working with a LDAP server. ## Base principles LDAP is a connected protocol, so you need to create a connection in order to send request and receive response from a Ldap server. This is the main point : you have to create a connection first. Each operation can have one or more responses, and produce exceptions when something went wrong. The API is schema ware, ie the manipulated objects will be controlled on the client side, assuming you have brought back the schema from the server, or by using a default schema configuration ## Connection In order to create a connection, you first have to provide the name of the server, and the port to use. Those parameters will be defaulted to **localHost** and **389** if nothing is defined. ### Opening a connection Here is an example : :::java LdapConnection connection = new LdapNetworkConnection( "localhost", 389 ); It's important to note that the connection has nothing to do with being bound, and this is a major difference with JNDI, where you create some context and provide the principalDN. A Connection is just a channel opened with the server, here. Another important thing to understand is that the connection is not explicitly opened. In fact, the **bind** operation will open the connection. ### Secure connection >TODO ## Bind operation Now that the connection has been created, you can call the **bind()** method. This will create a identified connection between a client and the server. The **bind** operation has nothing to do with the **JNDI** bind, as no entry will be created. ### Anonymous bind You can bind using no identifier, and in this case, you'll create an anonymous LDAP session. This is done this way : :::java connection.bind(); ### Simple bind The most common bind uses an identifier and a password. The identifier must be a *DN*, and the password can be encrypted. Here is an example of a bind operation : :::java // Don't do that ! Password in clear text = danger ! connection.bind( "ou=example, dc=com", "secret" ); // The password is encrypted, but it does not protect against a MITM attack connection.bind( "ou=example, dc=com", "{crypt}wSiewPyxdEC2c" ); ## Search operation We have tried to make it easy to search information in a LDAP server, as this is the most frequently used operation. Many parameters can be used in a search. The most commonly used are : * The base DN * The filter * The scope * The returning attributes list ### Simple search operation Here is a simple search, done using only those four parameters : :::java EntryCursor cursor = connection.search( "ou=system", "(objectclass=*)", SearchScope.ONELEVEL, "*" ); while ( cursor.next() ) { Entry entry = cursor.get(); // Process the entry ... } Here, we call the search operation, and we get back a cursor. Reading search result from the cursor is done with the **get()** method, moving forward uses the **next()** method. ## Unbinding When you are done with the operation, you can unbind. This is done by calling the **unbind()** method, this way : :::java connection.unbind(); ## Closing the connection Once you are done with the connection, don't forget to close it. It's done by calling the **close()** method : :::java connection.close(); If you explicitly call the **unbind()** method, the connection will also be closed, and in this case, you wont have to close it explicitly. ## Conclusion This very limited presentation was written to give users a quick insight about how to use the **API**. In order to get some further information, please check the **[User Guide](user-guide.html)**