Riverwatcher Active Content Environment

RACE Documentation:

DATABASE (LDAP) - Interface for native LDAP support in RACE. (Available in RACE v3.1.7b0 and later)

  • TYPE - The database type to access - must be "ldap" when using ldap.
  • HOST - The hostname of the database server, if not local.
  • PORT - The port of the database server.
  • DN - When action is "delete" or "compare", specifies the entry to delete or compare.
  • USER - The LDAP username to log in with.
  • PASSWORD - The LDAP password to log in with.
  • ACTION - The LDAP action to perform.
  • SCOPE - The LDAP scope to work with. Default is oneLevel, can be either onelevel, base, or subtree to specify the scope of entries returned.
  • FILTER - Default value is "(objectClass=*)" e.g. filter="(sn = Ryan)"
  • FIELDS - When action is "add", "modify" or "compare", an array of hashes that specify the LDAP attributes to add, modify or compare.
  • TIMEOUT - Default is 60 seconds. RACE connects to the LDAP server synchronously, so a timeout value can be set to abort the connection.
  • TLS - Default is none. If tls is set to "required" then the database connection to the ldap will fail if a tls connection cannot be started. If tls is set to "optional" then RACE will attempt to connect via tls first and falls back to unsecured connection should tls connection fails.
  • STARTROW - This attribute can be used to indicate which row (or record number) to start processing. When used alone or in conjunction with the optional MAXROWS attribute, you can restrict the portion of the records that are returned to the DATABASE tag to execute
  • MAXROWS - This attribute is used to limit the number of rows to be executed by the DATABASE tag.
  • ^M
The LDAP support in RACE's DATABASE tag makes interfacing with LDAP significantly easier. The necessary attributes do change based on the action:

When the action is "add", the FIELDS attribute must be an array of hashes that specifies the ldap attributes to add. e.g. fields="{name='sn' values=['Tron']},{name='mail"' values=['info@riverwatcher.com']},{name='telephonenumber' values=['217 355 1555', '355-7659']}"

When the action is "delete", the only required attibute is DN which specifies the entry to delete. Also, most ldap servers will require a user and password to be specified during connection. Otherwise, anonymous binding to the ldap server would not allow modification to directory entries.

When the action is "modify", the FIELDS attribute must be an array of hashes that specifies the ldap attributes to modify. Each has hash within the array would have an additonal key of "action" to specifiy what type of modificaction action to take. e.g. fields=fields="{name='sn' values=['Tron'] action='add'},{name='mail"' values=['info@riverwatcher.com'] action='delete'},{name='telephonenumber' values=['217 355 1555', '355-7659'] action='replace'}" The above example illustrates that in the same ldap modify request, RACE allows the developer to add a ldap attribute, delete another attribute and finally replace yet another attribute within the same entry.

When the action is "compare", the required attributes are dn and fields. The compare operation is a quick way in ldap to check if an entry identified by the dn has an attribute or attributes matching the specified value or values. Normally, you use the compare operation to check the match of just one attribute/value pair within an entry. RACE, however, does allow you to check the match of more than one pair at a time. e.g.:
<database host="ldap.soltec.net" type="ldap" action="compare"
dn="uid=tron,ou=Users,dc=soltec,dc=net" host="" fields="{name='streetAddress' value='223 N. Neil St.'},{name='st' value='IL'}">
<$database.result> would be true if both the streetAddress and st attributes match the values given. Also, please note that, in the compare operation, "value" instead of "values" is used in the fields hash.

When the action is "search", the following options can be used:
SCOPE: optional, default is oneLevel, and can be either onelevel, base, or subtree to specify the scope of entries returned.
oneLevel: entries one level below entry.
base: only the entry.
subtree: entry and all levels below it.

FIELDS: (optional) an array field names to return e.g. fields="email,cn,objectClass"

FILTER: optional, default value is "(objectClass=*)" e.g. filter="(sn = Ryan)"

DN: the base dn from which the search should start e.g. dn="cn=tron,dc=soltec,dc=net"

This is best described by example:

Example - Adding a record
Error: Improperly formatted array or hash.


Example - Modifying a record

<database host="ldap.soltec.net" type="ldap" action="modify"
user="cn=ldaproot,dc=soltec,dc=net" password="letmein"
dn="uid=tron,ou=Users,dc=soltec,dc=net" host="" fields="{name='streetAddress' value='tron@soltec.net' action='replace'}"/>

This will modify the specified record(s) in the LDAP database.

note: Note that in the above example, we used value instead of values to specifying just one value to the streetAddress ldap attribute.

Example - Deleting a record

<database host="ldap.soltec.net" type="ldap" action="delete"
user="cn=ldaproot,dc=soltec,dc=net" password="letmein"

This will delete the specified record(s) in the LDAP database.

Example - Searching for records

<database host="ldap.soltec.net" type="ldap" action="search"
user="cn=ldaproot,dc=soltec,dc=net" password="letmein"
dn="ou=Users,dc=soltec,dc=net" scope="onelevel">

<$database.next> <#dn> <#sn> <#objectClass><br>


This will search for matching records in the database and return information about them.

RACE Documentation

Copyright 2009 Riverwatcher, Inc. Hosting by Riverwatcher Studios