This is the trivial-ldap Reference Manual, version 0.94, generated automatically by Declt version 4.0 beta 2 "William Riker" on Wed Jun 15 06:01:32 2022 GMT+0.
One-two, one-two... is this thing working?
This is Kevin Montuori's trivial-ldap, with a few modifications.
A few years back, I needed some mechanism for querying AD servers, as part of a custom content connector for the FAST ESP search engine. I found trivial-ldap, and was soon using it to good effect.
After having used trivial-ldap for a while, I made some modifications, and asked Kevin to review them, and integrate them if he felt that they added value. Unfortunately, Kevin is too busy to spend time on trivial-ldap, so he graciously let me publish whatever changes I had.
The LDAP filter parser has been rewritten from scratch, using cl-yacc. This makes filter parsing somewhat faster, and should also make it easier to maintain. The downside is one more dependency.
The original code used symbols in the current package to name LDAP attributes. This has changed, and all attribute names are now interned in the keyword package. So, something like
(ldap:attr-value *entry* 'cname)
should now be
(ldap:attr-value *entry* :cname)
and so on. Note: this is probably only important when working with an LDAP entry, as that is the only place where we use symbol identity for matching.
There was a tacit assumption in the trivial-ldap code that all attributes are UTF-8 encoded strings, while in reality they can be 7-bit ASCII (USASCII), UTF-8 or even binary. There is now a mechanism in place for giving hints to trivial-ldap that certain attributes should be treated as binary values; such attributes will be returned as lists of (unsigned-byte 8), instead of as Unicode strings.
The interface to this mechanism is
(ldap:attribute-binary-p <attribute-name>) => <generalized-boolean>
and
(setf (ldap:attribute-binary-p <attribute-name>) <generalized-boolean>)
Note: Elias Mårtenson has supplied some handy restarts that can be used when it turns out that an attribute cannot be converted to UTF-8 (which, in turn, probably means that it should be treated as binary). See handle-as-binary and handle-as-binary-and-add-known in trivial-ldap.lisp.
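When querying AD, a typical binary attribute is objectSid. The following is an added example, not part of trivial-ldap: it decodes the octet list such an attribute would be returned as into the usual S-1-... text form. The helper names `le-u32` and `sid-string`, the keyword form `:objectsid`, and the sample octets are assumptions made for illustration.

```lisp
;;; Added example, not part of trivial-ldap.
;;; LE-U32 and SID-STRING are hypothetical helper names.

;; With trivial-ldap loaded, mark the attribute as binary before searching
;; (the keyword spelling :objectsid is an assumption):
;; (setf (ldap:attribute-binary-p :objectsid) t)

(defun le-u32 (octets)
  "Combine four little-endian octets into an unsigned 32-bit integer."
  (loop for o in octets
        for shift from 0 by 8
        sum (ash o shift)))

(defun sid-string (octets)
  "Render a binary Windows SID, given as a list of (unsigned-byte 8), as text."
  (let ((len (length octets)))
    ;; Header is revision (1), sub-authority count (1), authority (6).
    (when (< len 8)
      (error "SID too short: ~D octets" len))
    (destructuring-bind (revision count &rest rest) octets
      ;; Reject truncated or padded values instead of decoding garbage.
      (unless (= len (+ 8 (* 4 count)))
        (error "SID length ~D does not match ~D sub-authorities" len count))
      (let ((authority (reduce (lambda (acc o) (+ (* acc 256) o))
                               (subseq rest 0 6)))   ; 48-bit, big-endian
            (subs (loop for i from 6 below (length rest) by 4
                        collect (le-u32 (subseq rest i (+ i 4))))))
        (format nil "S-~D-~D~{-~D~}" revision authority subs)))))

;; Constructed sample input: the octets of the well-known SID
;; S-1-5-32-544 (BUILTIN\Administrators).
(defparameter *sample-sid*
  '(1 2 0 0 0 0 0 5 32 0 0 0 32 2 0 0))

(sid-string *sample-sid*)
```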
Search filters and values can be specified as lists instead of as strings. This has two advantages:
Binary values can be specified (lists of octet values will not be treated as UTF-8 sequences).
It is not necessary to build string representations of a filter just to have the filter parser deconstruct it back to the representation that should be natural for Lisp.
Values can be specified as octet lists, strings or symbols --
when a symbol is specified, the actual value used is whatever
(symbol-name <symbol>)
returns.
The function #'listify-filter can be used to turn a string filter into an equivalent list representation; this should be useful for experimenting with the list format.
(ldap:search *ldap* '(and (= objectclass person) (= cname "rayw")))
(let ((name "rayw"))
  ;; The value is spliced into the list filter as data.
  (ldap:search *ldap* `(and (= objectclass person) (= cname ,name))))
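As an added example (not from trivial-ldap itself; the function names and the sample input are hypothetical), here is the list form next to a string filter built from untrusted input. In the string form the value must be escaped per RFC 4515; in the list form it stays a separate data element and never passes through the filter-string parser.

```lisp
;;; Added example, not part of trivial-ldap. ESCAPE-FILTER-VALUE,
;;; STRING-FILTER and LIST-FILTER are hypothetical names.

(defun escape-filter-value (value)
  "Escape VALUE for use inside a string filter (RFC 4515, section 3)."
  (with-output-to-string (out)
    (loop for ch across value
          do (if (or (find ch "*()\\") (zerop (char-code ch)))
                 ;; Metacharacters and NUL become a backslash plus two hex digits.
                 (format out "\\~2,'0X" (char-code ch))
                 (write-char ch out)))))

(defun string-filter (name)
  "String form: NAME is spliced into filter syntax, so it must be escaped."
  (format nil "(&(objectclass=person)(cname=~A))"
          (escape-filter-value name)))

(defun list-filter (name)
  "List form from the manual: NAME remains a separate list element."
  `(and (= objectclass person) (= cname ,name)))

;; Constructed input containing filter metacharacters.
(defparameter *untrusted* "ray)(w*")

(string-filter *untrusted*)   ; escaped string filter
(list-filter *untrusted*)     ; structure fixed by the list, value untouched

;; With a bound connection (not run here):
;; (ldap:search *ldap* (list-filter *untrusted*))
```

The page does not state how a `*` inside an `=` value is treated in the list form, so validate the value separately when an exact match is required.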
Support for the LDAP Control Extension "Simple Paged Results" (RFC 2696) has been added. It is invoked by setting the :size-limit search parameter to 0 (zero), and setting :paging-size to a positive integer. Note that the server imposes its own restrictions here, so the actual number of results in a batch may be lower than specified.
Apart from setting these two required parameters, the operation of the paging mechanism is wholly transparent: batches are fetched automatically whenever the #'next-search-result method has exhausted all entries in the current batch (assuming that the appropriate parameters have been specified, and that there are actually more results to be fetched.)
;; Count all matching entries; further batches are fetched transparently.
(and (ldap:search *ldap* '(& (substring samaccountname "ra*") (= objectclass person))
                  :attributes '("1.1") :size-limit 0 :paging-size 500)
     (loop for entry = (ldap:next-search-result *ldap*)
           while entry
           count entry))
The main system appears first, followed by any subsystem dependency.
TRIVIAL-LDAP is a one file, all Common Lisp client implementation of parts of RFC 2261.
Raymond Wiker <rwiker@gmail.com>
Kevin Montuori
Clarified Artistic License
0.94
Files are sorted by type and then listed depth-first from the systems components trees.
trivial-ldap (system).
trivial-ldap (system).
package.lisp (file).
trivial-ldap (system).
Packages are listed by definition order.
ldap
common-lisp.
Definitions are sorted by export status, category, package, and then by lexicographic order.
Instantiate a new entry object.
Create an entry object from the list returned by search.
Instantiate a new ldap object.
Abandon the request and suck any data off the incoming stream. Because the receive-message will keep receiving messages until it gets one with the correct message number, no action needs to be taken here to clear the incoming data off the line. It’s unclear that’s the best solution, but (clear-input) doesn’t actually work and trying to read non-existent bytes blocks...
Compare entry’s att/val; called by both entry/compare methods.
Assert an entry has an att=val; return t or nil, or throw error.
Delete an entry from LDAP; error unless successful.
Delete an entry object from ldap; error unless successful.
Modify the RDN of an LDAP entry.
Modify the RDN of an LDAP entry; update the entry object as well.
error.
mesg.
Condition that is signalled when a binary field is being parsed as a string
error.
The name of the key which has binary content
:key
This slot is read-only.
cons
:attrs
integer
trivial-ldap::+ldap-port-no-ssl+
:port
port.
symbol
:sslflag
(or null stream)
:ldapstream
:ldapsock
nil, t, or rebind
symbol
t
:reuse-connection
(or null (integer 0))
:timeout
NIL means no wrapping. :CONF indicates encryption. Other values mean plain wrapping.
symbol
:debugflag
:response
:entry-buffer
(boolean)
:results-pending-p
string
""
Flag indicating more tag number bytes follow
Flag indicating tag number requires > 1 byte
OID of the paging control.
OID of the unsolicited disconnection response.
Default LDAP Port.
Default LDAPS Port.
LDAP version 3.
As defined by the LDAP RFC.
Format directive to print a list of line wrapped hex numbers.
If debugging is T, print a message.
Return representation of an integer as a list of base 256 ’digits’.
Given a list of base 256 ’digits’ return an integer.
Return the bits to construct a BER tag of type class.
Given a sequence or integer, return a BER length.
Given a BER tag and a sequence of data, return a message.
Return the bit to construct a BER tag of class primitive or constructed.
Construct the list of bytes that constitute a BER tag number 0-127.
CLASS should be the symbol universal, application, context, or private.
P/C should be the symbol primitive or constructed.
NUMBER should be either an integer or LDAP application name as symbol.
Construct the bits that kick off a BER tag byte.
Convert a list of bytes into a string.
Convert a vector of bytes into a string.
Determine if the message number of a BER response is correct. Returns BER response if it is correct or NIL otherwise.
Return 2s comp. representation of INT.
Given a symbol naming an ldap command, return the command number.
Given an application number, return the command name as symbol.
Given a deref symbol return the enumeration int.
Given a comparison character, return its integer enum value.
Given a modify type, return the enumeration int.
Given a scope symbol return the enumeration int.
Given a substring type, return its integer choice value.
Return the sequence of bytes representing a compare message.
Return the sequence of bytes representing a delete message.
Return the sequence of bytes representing a moddn message.
Return the sequence of bytes representing a modify message.
Return the sequence of bytes representing a search message.
Instantiate a new referrer object.
Convert sequence of twos-complement octets into an integer.
Given a DN, return its RDN and a cons of (att . val)
Given an application tag, return which ldap app number it represents.
Decode a BER encoded response (minus initial byte & length) from LDAP.
Read an int from the message.
Given message starting with length marker.
Read message number from the seq, return t or nil.
Read an octet vector from the message.
Read a string from the message.
Read length of LDAP message from stream, return length & the bytes read.
BER encode an attribute and set of values (for use in modify).
BER encode an entry object’s attribute alist (for use in add).
BER encode an ldap attribute assertion (for use in compare).
BER encode a list of attributes (for use in search).
BER encode an ldap attribute value assertion (for use in filters).
BER encode a boolean value.
BER encode a context-specific, constructed choice.
BER encode an enumeration value.
BER encode an integer value.
BER encode a NULL.
BER encode an octet string value.
BER encode a context-specific choice.
BER encode a string/symbol for use in a primitive context.
BER encode a sequence of TLVs.
BER encode a set of TLVs.
Given a search value with *s in it, return a BER encoded list.
Split a substring filter value into a list, retaining the * separators.
Convert a string into a list of bytes.
Return T if this is the valid initial tag byte for an LDAP response.
code.
msg.
automatically generated reader method
automatically generated writer method
Take appropriate reopen or rebind actions based on the reuse-connection attr. If the attribute is nil, do nothing; if t, reopen; and, if bind, rebind. This function exists to help the poor saps (read: me) with very fast idletimeout settings on their LDAP servers.
key.
automatically generated reader method
ptr.
automatically generated writer method
ptr.
automatically generated reader method
vec.
automatically generated writer method
vec.