annotate man/lispref/ldap.texi @ 414:da8ed4261e83 r21-2-15

Import from CVS: tag r21-2-15
author cvs
date Mon, 13 Aug 2007 11:21:38 +0200
parents 697ef44129c6
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
1 @c -*-texinfo-*-
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
2 @c This is part of the XEmacs Lisp Reference Manual.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
3 @c Copyright (C) 1998 Free Software Foundation, Inc.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
4 @c See the file lispref.texi for copying conditions.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
5 @setfilename ../../info/ldap.info
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
6 @node LDAP Support, Internationalization, ToolTalk Support, top
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
7 @chapter LDAP Support
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
8 @cindex LDAP
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
9
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
10 XEmacs can be linked with a LDAP client library to provide Elisp primitives
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
11 to access directory servers using the Lightweight Directory Access Protocol.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
12
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
13 @menu
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
14 * Building XEmacs with LDAP support:: How to add LDAP support to XEmacs
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
15 * XEmacs LDAP API:: Lisp access to LDAP functions
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
16 * Syntax of Search Filters:: A brief summary of RFC 1558
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
17 @end menu
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
18
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
19 @node Building XEmacs with LDAP support, XEmacs LDAP API, LDAP Support, LDAP Support
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
20 @comment node-name, next, previous, up
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
21 @section Building XEmacs with LDAP support
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
22
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
23 LDAP support must be added to XEmacs at build time since it requires
398
74fd4e045ea6 Import from CVS: tag r21-2-29
cvs
parents: 298
diff changeset
24 linking to an external LDAP client library. As of 21.2, XEmacs has been
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
25 successfully built and tested with
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
26
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
27 @itemize @bullet
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
28 @item OpenLDAP 1.0.3 (@url{http://www.openldap.org/})
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
29 @item University of Michigan's LDAP 3.3 (@url{http://www.umich.edu/~dirsvcs/ldap/})
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
30 @item LDAP SDK 1.0 from Netscape Corp. (@url{http://developer.netscape.com/})
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
31 @end itemize
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
32
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
33 Other libraries conforming to RFC 1823 will probably work also but may
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
34 require some minor tweaking at C level.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
35
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
36 The standard XEmacs configure script autodetects an installed LDAP
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
37 library provided the library itself and the corresponding header files
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
38 can be found in the library and include paths. A successful detection
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
39 will be signalled in the final output of the configure script.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
40
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
41
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
42
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
43 @node XEmacs LDAP API, Syntax of Search Filters, Building XEmacs with LDAP support, LDAP Support
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
44 @comment node-name, next, previous, up
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
45 @section XEmacs LDAP API
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
46
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
47 XEmacs LDAP API consists of two layers: a low-level layer which tries
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
48 to stay as close as possible to the C API (where practical) and a
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
49 higher-level layer which provides more convenient primitives to
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
50 effectively use LDAP.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
51
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
52 As of XEmacs 21.0, only interfaces to basic LDAP search functions are
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
53 provided, broader support is planned in future versions.
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
54
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
55 @menu
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
56 * LDAP Variables:: Lisp variables related to LDAP
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
57 * The High-Level LDAP API:: High-level LDAP lisp functions
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
58 * The Low-Level LDAP API:: Low-level LDAP lisp primitives
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
59 @end menu
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
60
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
61
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
62 @node LDAP Variables, The High-Level LDAP API, XEmacs LDAP API, XEmacs LDAP API
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
63 @comment node-name, next, previous, up
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
64 @subsection LDAP Variables
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
65
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
66 @defvar ldap-default-host
398
74fd4e045ea6 Import from CVS: tag r21-2-29
cvs
parents: 298
diff changeset
67 The default LDAP server hostname.
74fd4e045ea6 Import from CVS: tag r21-2-29
cvs
parents: 298
diff changeset
68 A TCP port number can be appended to that name using a colon as
74fd4e045ea6 Import from CVS: tag r21-2-29
cvs
parents: 298
diff changeset
69 a separator.
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
70 @end defvar
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
71
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
72 @defvar ldap-default-port
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
73 Default TCP port for LDAP connections.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
74 Initialized from the LDAP library. Default value is 389.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
75 @end defvar
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
76
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
77 @defvar ldap-default-base
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
78 Default base for LDAP searches.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
79 This is a string using the syntax of RFC 1779.
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
80 For instance, "o¬ME, cÿ" limits the search to the
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
81 Acme organization in the United States.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
82 @end defvar
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
83
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
84 @defvar ldap-host-parameters-alist
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
85 An alist of per host options for LDAP transactions.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
86 The list elements look like @code{(HOST PROP1 VAL1 PROP2 VAL2 ...)}
398
74fd4e045ea6 Import from CVS: tag r21-2-29
cvs
parents: 298
diff changeset
87 @var{host} is the name of an LDAP server. A TCP port number can be
74fd4e045ea6 Import from CVS: tag r21-2-29
cvs
parents: 298
diff changeset
88 appended to that name using a colon as a separator.
74fd4e045ea6 Import from CVS: tag r21-2-29
cvs
parents: 298
diff changeset
89 @var{propn} and @var{valn} are
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
90 property/value pairs describing parameters for the server. Valid
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
91 properties:
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
92 @table @code
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
93 @item binddn
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
94 The distinguished name of the user to bind as. This may look like
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
95 @samp{cÿ, o¬me, cnÿnny Bugs}, see RFC 1779 for details.
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
96 @item passwd
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
97 The password to use for authentication.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
98 @item auth
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
99 The authentication method to use, possible values depend on the LDAP
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
100 library XEmacs was compiled with, they may include @code{simple},
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
101 @code{krbv41} and @code{krbv42}.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
102 @item base
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
103 The base for the search. This may look like @samp{cÿ, o¬me}, see
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
104 RFC 1779 for syntax details.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
105 @item scope
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
106 One of the symbols @code{base}, @code{onelevel} or @code{subtree}
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
107 indicating the scope of the search limited to a base
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
108 object, to a single level or to the whole subtree.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
109 @item deref
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
110 The dereference policy is one of the symbols @code{never},
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
111 @code{always}, @code{search} or @code{find} and defines how aliases are
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
112 dereferenced.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
113 @table @code
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
114 @item never
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
115 Aliases are never dereferenced
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
116 @item always
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
117 Aliases are always dereferenced
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
118 @item search
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
119 Aliases are dereferenced when searching
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
120 @item find
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
121 Aliases are dereferenced when locating the base object for the search
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
122 @end table
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
123 @item timelimit
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
124 The timeout limit for the connection in seconds.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
125 @item sizelimit
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
126 The maximum number of matches to return for searches performed on this connection.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
127 @end table
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
128 @end defvar
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
129
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
130
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
131
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
132 @node The High-Level LDAP API, The Low-Level LDAP API, LDAP Variables, XEmacs LDAP API
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
133 @comment node-name, next, previous, up
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
134 @subsection The High-Level LDAP API
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
135
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
136 As of this writing the high-level Lisp LDAP API only provides for LDAP
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
137 searches. Further support is planned in the future.
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
138
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
139 The @code{ldap-search} function provides the most convenient interface
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
140 to perform LDAP searches. It opens a connection to a host, performs the
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
141 query and cleanly closes the connection thus insulating the user from
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
142 all the details of the low-level interface such as LDAP Lisp objects
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
143 @pxref{The Low-Level LDAP API}
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
144
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
145 @defun ldap-search filter &optional host attributes attrsonly
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
146 Perform an LDAP search.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
147 @var{filter} is the search filter @pxref{Syntax of Search Filters}
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
148 @var{host} is the LDAP host on which to perform the search
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
149 @var{attributes} is the specific attributes to retrieve, @code{nil} means
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
150 retrieve all
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
151 @var{attrsonly} if non-@code{nil} retrieves the attributes only without
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
152 their associated values.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
153 Additional search parameters can be specified through
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
154 @code{ldap-host-parameters-alist}.
406
b8cc9ab3f761 Import from CVS: tag r21-2-33
cvs
parents: 404
diff changeset
155 @end defun
b8cc9ab3f761 Import from CVS: tag r21-2-33
cvs
parents: 404
diff changeset
156
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
157 @node The Low-Level LDAP API, , The High-Level LDAP API, XEmacs LDAP API
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
158 @comment node-name, next, previous, up
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
159 @subsection The Low-Level LDAP API
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
160
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
161 @menu
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
162 * The LDAP Lisp Object::
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
163 * Opening and Closing a LDAP Connection::
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
164 * Searching on a LDAP Server (Low-level)::
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
165 @end menu
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
166
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
167 @node The LDAP Lisp Object, Opening and Closing a LDAP Connection, The Low-Level LDAP API, The Low-Level LDAP API
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
168 @comment node-name, next, previous, up
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
169 @subsubsection The LDAP Lisp Object
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
170
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
171 An internal built-in @code{ldap} lisp object represents a LDAP
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
172 connection.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
173
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
174 @defun ldapp object
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
175 This function returns non-@code{nil} if @var{object} is a @code{ldap} object.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
176 @end defun
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
177
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
178 @defun ldap-host ldap
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
179 Return the server host of the connection represented by @var{ldap}
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
180 @end defun
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
181
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
182 @defun ldap-live-p ldap
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
183 Return non-@code{nil} if @var{ldap} is an active LDAP connection
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
184 @end defun
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
185
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
186
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
187 @node Opening and Closing a LDAP Connection, Searching on a LDAP Server (Low-level), The LDAP Lisp Object, The Low-Level LDAP API
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
188 @comment node-name, next, previous, up
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
189 @subsubsection Opening and Closing a LDAP Connection
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
190
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
191 @defun ldap-open host &optional plist
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
192 Open a LDAP connection to @var{host}.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
193 @var{plist} is a property list containing additional parameters for the connection.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
194 Valid keys in that list are:
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
195 @table @code
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
196 @item port
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
197 The TCP port to use for the connection if different from
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
198 @code{ldap-default-port} or the library builtin value
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
199 @item auth
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
200 The authentication method to use, possible values depend on the LDAP
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
201 library XEmacs was compiled with, they may include @code{simple},
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
202 @code{krbv41} and @code{krbv42}.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
203 @item binddn
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
204 The distinguished name of the user to bind as. This may look like
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
205 @samp{cÿ, o¬me, cnÿnny Bugs}, see RFC 1779 for details.
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
206 @item passwd
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
207 The password to use for authentication.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
208 @item deref
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
209 The dereference policy is one of the symbols @code{never},
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
210 @code{always}, @code{search} or @code{find} and defines how aliases are
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
211 dereferenced.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
212 @table @code
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
213 @item never
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
214 Aliases are never dereferenced
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
215 @item always
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
216 Aliases are always dereferenced
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
217 @item search
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
218 Aliases are dereferenced when searching
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
219 @item find
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
220 Aliases are dereferenced when locating the base object for the search
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
221 @end table
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
222 The default is @code{never}.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
223 @item timelimit
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
224 The timeout limit for the connection in seconds.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
225 @item sizelimit
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
226 The maximum number of matches to return for searches performed on this connection.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
227 @end table
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
228 @end defun
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
229
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
230 @defun ldap-close ldap
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
231 Close the connection represented by @var{ldap}
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
232 @end defun
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
233
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
234
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
235 @node Searching on a LDAP Server (Low-level), , Opening and Closing a LDAP Connection, The Low-Level LDAP API
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
236 @comment node-name, next, previous, up
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
237 @subsubsection Searching on a LDAP Server (Low-level)
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
238
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
239 @code{ldap-search-internal} is the low-level primitive to perform a
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
240 search on a LDAP server. It works directly on an open LDAP connection
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
241 thus requiring a preliminary call to @code{ldap-open}. Multiple
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
242 searches can be made on the same connection, then the session must be
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
243 closed with @code{ldap-close}.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
244
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
245
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
246 @defun ldap-search-internal ldap filter base scope attrs attrsonly
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
247 Perform a search on an open connection @var{ldap} created with @code{ldap-open}.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
248 @var{filter} is a filter string for the search @pxref{Syntax of Search Filters}
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
249 @var{base} is the distinguished name at which to start the search.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
250 @var{scope} is one of the symbols @code{base}, @code{onelevel} or
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
251 @code{subtree} indicating the scope of the search limited to a base
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
252 object, to a single level or to the whole subtree. The default is
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
253 @code{subtree}.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
254 @code{attrs} is a list of strings indicating which attributes to retrieve
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
255 for each matching entry. If @code{nil} all available attributes are returned.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
256 If @code{attrsonly} is non-@code{nil} then only the attributes are retrieved, not
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
257 their associated values
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
258 The function returns a list of matching entries. Each entry being itself
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
259 an alist of attribute/values.
298
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
260 @end defun
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
261
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
262
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
263
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
264
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
265
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
266 @node Syntax of Search Filters, , XEmacs LDAP API, LDAP Support
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
267 @comment node-name, next, previous, up
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
268 @section Syntax of Search Filters
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
269
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
270 LDAP search functions use RFC1558 syntax to describe the search filter.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
271 In that syntax simple filters have the form:
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
272
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
273 @example
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
274 (<attr> <filtertype> <value>)
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
275 @end example
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
276
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
277 @code{<attr>} is an attribute name such as @code{cn} for Common Name,
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
278 @code{o} for Organization, etc...
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
279
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
280 @code{<value>} is the corresponding value. This is generally an exact
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
281 string but may also contain @code{*} characters as wildcards
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
282
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
283 @code{filtertype} is one @code{=} @code{~=}, @code{<=}, @code{>=} which
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
284 respectively describe equality, approximate equality, inferiority and
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
285 superiority.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
286
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
287 Thus @code{(cn=John Smith)} matches all records having a canonical name
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
288 equal to John Smith.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
289
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
290 A special case is the presence filter @code{(<attr>=*} which matches
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
291 records containing a particular attribute. For instance @code{(mail=*)}
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
292 matches all records containing a @code{mail} attribute.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
293
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
294 Simple filters can be connected together with the logical operators
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
295 @code{&}, @code{|} and @code{!} which stand for the usual and, or and
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
296 not operators.
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
297
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
298 @code{(&(objectClass=Person)(mail=*)(|(sn=Smith)(givenname=John)))}
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
299 matches records of class @code{Person} containing a @code{mail}
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
300 attribute and corresponding to people whose last name is @code{Smith} or
70ad99077275 Import from CVS: tag r21-0b47
cvs
parents:
diff changeset
301 whose first name is @code{John}.
412
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
302
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
303
697ef44129c6 Import from CVS: tag r21-2-14
cvs
parents: 406
diff changeset
304