LDAP
Building the JDBC URL
After installing the license, access the connection management page by executing the command java -jar kingswaysoft.jdbc.jar. Enter the necessary details, and the program will automatically generate the JDBC connection URL. Users can click Test Connection to test the generated URL, and Copy to Clipboard to copy the connection string for use within the application where the JDBC driver is being used.
Note: If the license is not installed, you can still use the connection manager to generate a JDBC URL; however, the 'Test Connection' feature will be disabled.
General Page
The General page of the LDAP Connection Manager allows you to specify the general settings of the connection:
- Server: The Server field lets you specify the name or address of the LDAP domain that you want to connect to.
- Port: The Port field lets you choose or specify the port with which you want to connect to your LDAP. The default port number is 389 which can be modified.
- Authentication
- Authentication Mode: The Authentication Mode option allows you to choose the method used to authenticate with the LDAP API. Available options are:
  - Anonymous
  - Basic
  - Negotiate
  - Digest
  - External
  - Kerberos
Authentication Methods for LDAP
Anonymous
Establishes a connection to the LDAP server without providing any credentials. Access is typically very limited and often disabled on secure servers.
Basic
The simplest form of authentication. It sends a username and password in a slightly encoded (Base64) but easily reversible format over the network.
Negotiate
A mechanism that automatically chooses the best available method, typically between Kerberos or NTLM, based on what the server supports.
Digest
A challenge-response authentication method. The password is not sent over the wire. Instead, a cryptographic hash is sent, making it more secure than Basic authentication. It can be extended to provide signing (Signing) and encryption (Sealing).
External
Authentication is performed using an external channel, not a username and password.
Kerberos
A secure, ticket-based network authentication protocol. It uses tickets to prove identity without sending passwords over the network, requiring a properly configured Kerberos realm.
- User Name: The User Name field allows you to specify the user account that you want to use to connect to your LDAP. Depending on how you want to manipulate your data, the user account needs to have proper privileges to do so.
- Password: The Password field allows you to specify the password for the above user account in order to authenticate with LDAP.
- Session Options: Flags used to configure the connection's security features. Signing/Sealing are used for SASL integrity/confidentiality, and SSL is used to enable SSL settings.
SSL Settings for LDAP
- Certificate Validation: Determines how the client validates the LDAP server's SSL/TLS certificate. Available options are:
  - VerifyByTrustedRoot: Standard validation using the JVM's trusted root certificate store
  - SkipVerification: Disables all certificate validation, so the client accepts whatever certificate the server presents
  - ManuallySpecifyCertificate: Use a specific client certificate for authentication instead of a username/password
- Path to Certificate: The file system path to a PKCS12 certificate file (.pfx). This is only used if Certificate Validation is set to ManuallySpecifyCertificate.
- Certificate Password: The password required to access the private key within the PKCS12 file specified in Path to Certificate.
Using the JDBC Driver
Explore detailed examples in this section that demonstrate the application of JDBC classes such as Connection, Statement, and ResultSet to effectively manage interactions with LDAP data. This section covers the use of regular statements and prepared statements for executing complex or frequently executed queries.
Executing Statements
Once you've connected from your code (see Connecting with DriverManager and Connecting with DataSource), you can execute SQL statements using the Statement class. Refer to the Executing Prepared Statements section for information on how to execute parameterized statements.
SELECT
Use the Statement class's generic execute method or the executeQuery method to execute SQL statements that return data. To retrieve the results of a query, you would then call the getResultSet method of the Statement.
```java
String sql = "SELECT * FROM user WHERE cn = 'Arielle.Ortiz'";
try {
    ResultSet resultSet = statement.executeQuery(sql);
    LOGGER.info(resultSet.toString());
} catch (SQLException e) {
    LOGGER.severe(e.toString());
}
```
INSERT
Use either the generic execute method or the executeUpdate method of the Statement class to execute an INSERT operation.
The results of SQL queries are saved in a ResultSet. You can retrieve the ResultSet after execution to view the inserted data's ID, exceptions raised during execution, and details of the affected data.
```java
String sql = "INSERT INTO user (cn, userPrincipalName, department) VALUES ('Jdbc.Test', '[email protected]', 'Sales')";
try {
    statement.executeUpdate(sql);
    LOGGER.info(statement.getResultSet().toString());
} catch (SQLException e) {
    LOGGER.severe(e.toString());
}
```

```
cn,errorcode,errormessage,processdata,haserrors
Jdbc.Test,null,null,[Attribute(name=objectClass, values={'user'}), Attribute(name=cn, values={'Jdbc.Test'}), Attribute(name=userPrincipalName, values={'[email protected]'}), Attribute(name=department, values={'Sales'})],false
```
UPDATE
Use either the generic execute method or the executeUpdate method of the Statement class to execute an UPDATE operation.
The results of SQL queries are saved in a ResultSet. You can retrieve the ResultSet after execution to view the updated data's ID, exceptions raised during execution, and details of the affected data.
```java
String sql = "UPDATE user SET department = 'department' WHERE cn = 'Jdbc.Test'";
try {
    statement.executeUpdate(sql);
    LOGGER.info(statement.getResultSet().toString());
} catch (SQLException e) {
    LOGGER.severe(e.toString());
}
```

```
cn,errorcode,errormessage,processdata,haserrors
Jdbc.Test,null,null,[LDAPModification(type=replace, attr=department, values={'department'})],false
```
DELETE
Use either the generic execute method or the executeUpdate method of the Statement class to execute a DELETE operation.
The results of SQL queries are saved in a ResultSet. You can retrieve the ResultSet after execution to view the deleted data's ID, exceptions raised during execution, and details of the affected data.
```java
String sql = "DELETE FROM user WHERE cn = 'Jdbc.Test'";
try {
    statement.executeUpdate(sql);
    LOGGER.info(statement.getResultSet().toString());
} catch (SQLException e) {
    LOGGER.severe(e.toString());
}
```

```
cn,errorcode,errormessage,processdata,haserrors
Jdbc.Test,null,null,null,false
```
Executing Prepared Statements
Using a PreparedStatement can improve performance when you need to execute a SQL statement multiple times with different parameters. Unlike a Statement object, a PreparedStatement object is provided with a SQL statement when it is created, which can then be executed with different values each time. This special type of statement is derived from the more general class, Statement.
Below are the steps outlining how to execute a prepared statement:
- Create a PreparedStatement: Use the prepareStatement method of the Connection class to instantiate a PreparedStatement. Refer to Connecting with DriverManager or Connecting with DataSource for information related to establishing connections.
- Set Parameters: Declare parameters by calling the corresponding setter method of the PreparedStatement. Note: The parameter indices start at 1.
- Execute the Statement: Use the generic execute or executeUpdate method of the PreparedStatement.
- Retrieve Results: Call the getResultSet method of the Prepared Statement to obtain the query results, which will be returned as a ResultSet.
- Iterate Over the Result Set: Use the next method of the ResultSet to iterate through the results. To obtain column information, utilize the ResultSetMetaData class. Instantiate a ResultSetMetaData object by calling the getMetaData method of the ResultSet.
SELECT
Use the Statement class's generic execute method or the executeQuery method to execute SQL statements that return data.
The results of SQL queries are saved in a ResultSet. You can retrieve the ResultSet after execution to view the retrieved data.
```java
String sql = "SELECT * FROM user WHERE cn = ?";
try {
    PreparedStatement ps = connection.prepareStatement(sql);
    ps.setString(1, "Arielle.Ortiz");
    // The SQL was supplied to prepareStatement, so execute() takes no argument
    ps.execute();
    // Fetch the ResultSet and its metadata once instead of on every loop pass
    ResultSet rs = ps.getResultSet();
    ResultSetMetaData meta = rs.getMetaData();
    while (rs.next()) {
        for (int i = 1; i <= meta.getColumnCount(); i++) {
            LOGGER.info(meta.getColumnLabel(i) + "=" + rs.getString(i));
        }
    }
} catch (SQLException e) {
    LOGGER.error(e);
}
```
INSERT
Use either the generic execute method or the executeUpdate method of the Statement class to execute an INSERT operation.
The results of SQL queries are saved in a ResultSet. Users can retrieve the ResultSet after execution to view the ID of inserted data, exceptions raised during execution, and the data affected by the insertion.
```java
String sql = "INSERT INTO user (cn, userPrincipalName, department) VALUES (?, ?, ?)";
try {
    PreparedStatement ps = connection.prepareStatement(sql);
    ps.setString(1, "Jdbc.Test");
    ps.setString(2, "[email protected]");
    ps.setString(3, "Sales");
    ps.executeUpdate();
    LOGGER.info(ps.getResultSet().toString());
} catch (SQLException e) {
    LOGGER.error(e);
}
```

```
cn,errorcode,errormessage,processdata,haserrors
Jdbc.Test,null,null,[Attribute(name=objectClass, values={'user'}), Attribute(name=cn, values={'Jdbc.Test'}), Attribute(name=userPrincipalName, values={'[email protected]'}), Attribute(name=department, values={'Sales'})],false
```
UPDATE
Use either the generic execute method or the executeUpdate method of the Statement class to execute an UPDATE operation.
The results of SQL queries are saved in a ResultSet. Users can retrieve the ResultSet after execution to view the ID of updated data, exceptions raised during execution, and the data affected by the update.
```java
String sql = "UPDATE user SET department = ? WHERE cn = ?";
try {
    PreparedStatement ps = connection.prepareStatement(sql);
    ps.setString(1, "department");
    ps.setString(2, "Jdbc.Test");
    ps.executeUpdate();
    LOGGER.info(ps.getResultSet().toString());
} catch (SQLException e) {
    LOGGER.error(e);
}
```

```
cn,errorcode,errormessage,processdata,haserrors
Jdbc.Test,null,null,[LDAPModification(type=replace, attr=department, values={'department'})],false
```
DELETE
Use either the generic execute method or the executeUpdate method of the Statement class to execute a DELETE operation.
The results of SQL queries are saved in a ResultSet. You can retrieve the ResultSet after execution to view the deleted data's ID, exceptions raised during execution, and details of the affected data.
```java
String sql = "DELETE FROM user WHERE cn = ?";
try {
    PreparedStatement ps = connection.prepareStatement(sql);
    ps.setString(1, "Jdbc.Test");
    ps.executeUpdate();
    LOGGER.info(ps.getResultSet().toString());
} catch (SQLException e) {
    LOGGER.error(e);
}
```

```
cn,errorcode,errormessage,processdata,haserrors
Jdbc.Test,null,null,null,false
```
Metadata Discovery
This section provides examples on how to retrieve table and column metadata using the getTables and getColumns methods from the DatabaseMetaData interface. These are essential for discovering database structures.
Tables
The getTables method from the DatabaseMetaData interface can be used to retrieve a list of tables.
This method only retrieves tables that are not write-only.
To get a list of tables which include write-only tables, query the table [system.tables](/products/jdbc-driver-pack/help-manual/advancedfeatures#systemtables).
```java
try {
    Connection connection = buildRestConnectionFromDriverManager();
    ResultSet rs = connection.getMetaData().getTables(null, null, null, null);
    LOGGER.info("\r\n" + rs.toString());
} catch (SQLException e) {
    LOGGER.severe(e.getMessage());
}
```

```
TABLE_CAT,TABLE_SCHEM,TABLE_NAME,TABLE_TYPE,REMARKS
null,null,group,Table,null
null,null,organizationalUnit,Table,null
null,null,system.columns,Table,null
null,null,system.tables,Table,null
null,null,user,Table,null
```
The getTables method returns the following metadata columns:
Column Name | Data Type | Description |
---|---|---|
TABLE_CAT | String | The catalog that contains the table. |
TABLE_SCHEM | String | The schema of the table. |
TABLE_NAME | String | The name of the table. |
TABLE_TYPE | String | The type of the table (e.g., TABLE or VIEW). |
REMARKS | String | An optional description of the table. |
Columns
Use the getColumns method of the DatabaseMetaData interface to retrieve detailed information about database columns. To narrow the results to a specific table, specify the table name using the parameter table_name.
This method returns columns only for tables that are not write-only.
To get columns for tables which are write-only, query the table [system.columns](/products/jdbc-driver-pack/help-manual/advancedfeatures#systemcolumns).
```java
try {
    Connection connection = buildRestConnectionFromDriverManager();
    ResultSet rs = connection.getMetaData().getColumns(null, null, "user", null);
    LOGGER.info(rs.toString());
} catch (SQLException e) {
    e.printStackTrace();
}
```

```
TABLE_CAT,TABLE_SCHEM,TABLE_NAME,COLUMN_NAME,DATA_TYPE,TYPE_NAME,COLUMN_SIZE,BUFFER_LENGTH,DECIMAL_DIGITS,NUM_PREC_RADIX,NULLABLE,REMARKS,COLUMN_DEF,SQL_DATA_TYPE,SQL_DATETIME_SUB,CHAR_OCTET_LENGTH,ORDINAL_POSITION,IS_NULLABLE,IS_AUTOINCREMENT,IS_GENERATEDCOLUMN,DTS_TYPE
null,null,user,accountExpires,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,badPasswordTime,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,badPwdCount,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,c,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,cn,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,co,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,codePage,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,company,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,countryCode,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
null,null,user,dSCorePropagationData,12,VARCHAR,null,null,0,0,null,null,null,12,null,null,null,null,null,null,DT_WSTR
......
```
The getColumns method returns the following columns:
Column Name | Data Type | Description |
---|---|---|
TABLE_CAT | String | The database name. |
TABLE_SCHEM | String | The table schema. |
TABLE_NAME | String | The table name. |
COLUMN_NAME | String | The column name. |
DATA_TYPE | Integer | The data type represented by a constant value from java.sql.Types. |
TYPE_NAME | String | The data type name used by the driver. |
COLUMN_SIZE | Integer | The length in characters of the column or the numeric precision. |
BUFFER_LENGTH | Integer | The buffer length. |
DECIMAL_DIGITS | Integer | The column scale or number of digits to the right of the decimal point. |
NUM_PREC_RADIX | Integer | The radix, or base. |
NULLABLE | Integer | Whether the column can contain null as defined by the following JDBC DatabaseMetaData constants: columnNoNulls (0) or columnNullable (1). |
REMARKS | String | The comment or note associated with the object. |
COLUMN_DEF | String | The default value for the column. |
SQL_DATA_TYPE | Integer | Reserved by the specification. |
SQL_DATETIME_SUB | Integer | Reserved by the specification. |
CHAR_OCTET_LENGTH | Integer | The maximum length of binary and character-based columns. |
ORDINAL_POSITION | Integer | The position of the column in the table, starting at 1. |
IS_NULLABLE | String | Whether a null value is allowed: YES or NO. |
IS_AUTOINCREMENT | String | Whether the column value is assigned by LDAP in fixed increments. |
IS_GENERATEDCOLUMN | String | Whether the column is generated: YES or NO. |
DTS_TYPE | String | Object DTS attribute type. |
Primary Keys
The getPrimaryKeys method in the DatabaseMetaData interface is used to retrieve metadata about primary keys for a given table in LDAP.
```java
try {
    Connection connection = buildRestConnectionFromDriverManager();
    ResultSet resultSet = connection.getMetaData().getPrimaryKeys(null, null, "user");
    LOGGER.info("\r\n" + resultSet.toString());
    Assertions.assertNotNull(resultSet);
} catch (SQLException e) {
    LOGGER.severe(e.getMessage());
}
```

```
TABLE_NAME,PRIMARY_COLUMN_NAME
user,cn
```
The getPrimaryKeys method returns the following columns:
Column Name | Data Type | Description |
---|---|---|
TABLE_NAME | String | The name of the table that contains the primary key. |
PRIMARY_COLUMN_NAME | String | The name of the column that serves as the primary key for the table. |
Connection Settings
Connection Setting | Type | Default Value | Description |
---|---|---|---|
ApiThrottleRate | Integer | 5 | The maximum number of API requests a client can make to the server within a specific time period, defined in requests per second. |
AuthenticationMode | String | "AuthorizationCode" | AuthenticationType specifies the method used to authenticate when connecting to LDAP. |
CacheExpirationTime | Integer | 30 | Defines the expiration time for cache. A value of 0 disables caching. |
CertificatePassword | String | "" | The password used to access the keystore file. |
ConcurrentWritingThreads | Integer | 1 | The number of threads for executing operations in parallel. A value of 0 will disable multi threading. |
ConnectionTimeout | Integer | 30 | ConnectionTimeout is the maximum amount of time the program will wait to set up a connection to the LDAP API. |
ContainerPath | String | "" | The starting point in the LDAP tree where a search operation should begin. It defines the scope of users or computers you are querying. |
IgnoreCertificateErrors | Boolean | false | Specifies whether to verify the certificate when connecting to LDAP. If no certificate verification is required, you can set this value to 'true'. |
IgnoreError | Boolean | false | Determines if the program continues executing SQL statements after encountering an error. |
LDAPPort | Integer | 389 | The network port number on the server where the LDAP service is listening (e.g., 389 for plain text, 636 for LDAPS). |
LDAPServer | String | "" | The network address (hostname or IP) of the LDAP server you need to connect to. This is the location of the LDAP service itself. |
LogFileSize | String | "10485760" | A string specifying the maximum size in bytes for a log file. |
LogLevel | String | "INFO" | The logging level for the JDBC driver. |
LogPath | String | "./jdbcLogs" | The directory where log files are stored. |
OemKey | String | "" | The OEM license key. |
Password | String | "" | The secret credential associated with the username, used to prove identity and gain access to the LDAP server. |
PathToCertificate | String | "" | PathToCertificate specifies the file path where the keystore file for connecting to LDAP is located. |
ReadBatchSize | Integer | 100 | ReadBatchSize is used to set how many records can be read from LDAP in a single call. LDAP has a maximum ReadBatchSize of 100. |
ResultPath | String | "" | The path where the execution result files are saved. |
RetryOnIntermittentErrors | Boolean | true | The RetryOnIntermittentErrors parameter indicates whether to retry the connection when it might occasionally fail due to temporary issues. |
SaveResult | Boolean | false | The SaveResult parameter indicates whether to save the execution results to a file. |
ServiceName | String | "LDAP" | The ServiceName refers to the name of the service API selected by the user. |
ServiceTimeout | Integer | 120 | The ServiceTimeout is the timeout to receive the full response from LDAP API. |
SessionOptions | String | "" | A string containing flags to configure the connection's security features. Allowed values are "Signing", "Sealing" and "SSL". |
Suppress404NotFoundError | Boolean | true | When set to true, if a query results in an HTTP 404 error, a result set will still be created. When set to false, an error is logged instead and no result set is created. |
SslCertificateValidationOption | String | "" | Determines how the client validates the LDAP server's SSL/TLS certificate. Allowed values are "VerifyByTrustedRoot", "SkipVerification" and "ManuallySpecifyCertificate". |
UserName | String | "" | The unique identifier (Distinguished Name or User Principal Name) of the account used to bind (authenticate) to the LDAP server to perform queries or actions. |
WriteBatchSize | Integer | 1 | WriteBatchSize is used to set how many records can be written to LDAP in a single call. At this time, LDAP does not support batch writing. As such, the value of this property should be kept at 1. |
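
The check below is an added example, not code from the KingswaySoft documentation or driver: it reads the connection settings named in the table above from a java.util.Properties object and reports combinations that weaken transport security, such as Basic authentication without SSL or SkipVerification. The class name, the sample host and values, and the SessionOptions delimiter (split on any non-letter) are assumptions, since the page does not specify them.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.Properties;

// Added example (hypothetical class, not KingswaySoft code): audits the
// connection settings listed on this page for weak transport security.
public class LdapConnectionSettingsAudit {

    static List<String> audit(Properties p) {
        List<String> findings = new ArrayList<>();
        String auth = p.getProperty("AuthenticationMode", "").trim();
        String validation = p.getProperty("SslCertificateValidationOption", "").trim();
        boolean ignoreCertErrors =
                Boolean.parseBoolean(p.getProperty("IgnoreCertificateErrors", "false").trim());

        // Assumption: the page does not give the SessionOptions delimiter,
        // so split on anything that is not a letter.
        List<String> options = Arrays.asList(
                p.getProperty("SessionOptions", "").toLowerCase(Locale.ROOT).split("[^a-z]+"));
        boolean ssl = options.contains("ssl");
        boolean sealing = options.contains("sealing");

        if (auth.equalsIgnoreCase("Anonymous")) {
            findings.add("AuthenticationMode=Anonymous: the bind carries no credentials");
        }
        if (auth.equalsIgnoreCase("Basic") && !ssl) {
            findings.add("Basic without SSL: the password crosses the network in a reversible encoding");
        }
        if (!ssl && !sealing) {
            findings.add("Neither SSL nor Sealing is set: directory traffic is not encrypted");
        }
        if (validation.equalsIgnoreCase("SkipVerification")) {
            findings.add("SslCertificateValidationOption=SkipVerification: server certificate is not checked");
        }
        if (ignoreCertErrors) {
            findings.add("IgnoreCertificateErrors=true: certificate errors are ignored");
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample settings, not taken from a real deployment.
        Properties weak = new Properties();
        weak.setProperty("LDAPServer", "ldap.example.test");
        weak.setProperty("LDAPPort", "389");
        weak.setProperty("AuthenticationMode", "Basic");
        weak.setProperty("SessionOptions", "");

        Properties hardened = new Properties();
        hardened.setProperty("LDAPServer", "ldap.example.test");
        hardened.setProperty("LDAPPort", "636");
        hardened.setProperty("AuthenticationMode", "Kerberos");
        hardened.setProperty("SessionOptions", "SSL");
        hardened.setProperty("SslCertificateValidationOption", "VerifyByTrustedRoot");

        System.out.println("weak: " + audit(weak));
        System.out.println("hardened: " + audit(hardened));
    }
}
```

Run against the two constructed profiles, the first yields the Basic-without-SSL and unencrypted-traffic findings and the second yields none.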