rest2ldap mapping nested structures

This topic has 13 replies, 3 voices, and was last updated 5 years, 10 months ago by damian8m.

  • Author
    Posts
  • #4061
     damian8m
    Participant

    Hello all,
    I’ve got a question about the configuration of the rest to ldap mapping. Given well known Example.ldif and /users : there is nbohr user who has a nested device object. Is there a possibility to get it via REST? In particular is it possible to use a query similar to this: curl http://localhost:8080/rest2ldap/users/nbohr/device/quantum
    ?
    What if nbohr had two different nested nodes? ex:
    curl http://localhost:8080/rest2ldap/users/nbohr/hosts/bohrcomputer
    curl http://localhost:8080/rest2ldap/users/nbohr/device/quantum

    My LDAP structure is designed in a way that I’ve got many nested objects. I see that there is possibility to create a reference, but I don’t think this is what I’m looking for.

    So once again, is there any possibility to create such mapping?
    Any help would be greatly appreciated.

    #4065
     Ludo
    Moderator

    Hi

    Currently, the REST2LDAP service doesn’t support nested structures. This is scheduled for the next major release of OpenDJ and still to be implemented.

    Regards,

    Ludo

    #4068
     damian8m
    Participant

    Thanks Ludo,
    Do you know when the next release is scheduled?

    Regards,
    Damian

    #4077
     Ludo
    Moderator

    OpenDJ 3.0 is scheduled for this calendar year. The roadmap still tells Q2 2015, but we may move it to the end of the year to align with all other ForgeRock projects and products.

    #6378
     damian8m
    Participant

    Hi, any news in this topic?

    #6439
     Ludo
    Moderator

    Yes there are news. OpenDJ 3.0 will be released mid December, but there is no support for nest structures in the REST2LDAP service. This is still on the roadmap, most likely for the release after 3.0, but we’re still in the planning phase so I don’t have any ETA.

    #6716
     Chris Ridd
    Participant

    @damian8m the RFE for this is OPENDJ-725; you may wish to monitor that issue in our JIRA.

    #13375
     damian8m
    Participant

    Hi all,
    I see that it’s now implemented. Unfortunately the doc + example-v1.json don’t make the whole concept clear to me. And AdminEndpoint.java is not an example of a JSON config. Do you have any more examples?

    #13408
     Ludo
    Moderator

    We don’t have more examples so far.
    But have you looked at OpenDJ Reference Guide, and more specifically the “REST to LDAP Configuration” ?
    https://forgerock.org/opendj/doc/bootstrap/reference/index.html#appendix-rest2ldap

    #13449
     damian8m
    Participant

    Of course I have but I find it unclear…
    The Jira ticket above says

    Rest2Ldap now supports multi-tenancy via URL/DN templating, inheritance, sub-resources (parent-child), and polymorphism

    But I don’t see those concepts explained in the doc. I don’t see anything about how I could set up nested structures using inheritance. I see that you define resource types and you have inheritance there but how it allows you to define nested structures? Do you need also to define the subResources somewhere? Example-v1 doesn’t show a complex case using an LDAP tree that has multiple nested levels. I want to define endpoints like ex. /users, /users/{name}, /users/{name}/hosts, /users/{name}/hosts/{name}, /users/{name}/hosts/{name}/something, /users/{name}/interfaces. Should all of it be just a separate subResource?

    I feel that it has a lot of potential, but still I somehow can’t figure it out.

    #13458
     damian8m
    Participant

    I managed to figure out a GET example with nested structures. Thanks for your help.
    Is PUT and POST implemented?

    • This reply was modified 5 years, 10 months ago by damian8m.
    #13469
     damian8m
    Participant

    Sorry guys, I was looking at some old documentation. I’ve just noticed. For now all my issues are solved. Thanks!

    #13491
     Ludo
    Moderator

    @damian8m I’m happy to hear that you’ve got your use cases working. As the Product Manager for OpenDJ at ForgeRock, I’d be interested in your feedback with the new capabilities of the REST to LDAP service (here or direct email as you prefer). Good, Bad, Possible Improvements…

    #13541
     damian8m
    Participant

    Hi Ludo, sure I can provide some feedback once I manage to set it up completely.

    I have a question about a mapping.

    Is is possible to map an LDAP structure like this:

    +entities(category=entities,ou=test,dc=example,dc=com)
    --entity1(entity=entity1,category=entities,ou=test,dc=example,dc=com)
      ----+hosts(category=hosts,entity=entity1,category=entities,ou=test,dc=example,dc=com)
        -------+host1(host-name=host1,category=hosts,entity=entity1,category=entities....)
        -------+host2(host-name=host2,category=hosts,entity=entity1,category=entities.....)
      ----+interfaces(category=interfaces,entity=entity1,category=entities.....)
        -------+interface1(interface-name=int1,category=interfaces,entity=entity1,category=entities....)

    So when I do a GET query like:
    localhost/opendj/test/entities/entity1

    I get not only parameters of entity1 but also all the trees of hosts, interfaces etc (and all the hosts parameters etc)? I know that I can query hosts or interface from the example above separately, by defining another subresource, like /entities/{entity}/hosts/{host} but this is not what I want.

    Being able to get the whole tree in one JSON is the only thing I miss (and of course I would like to be able to write it to LDAP). Hope it’s clear and possible to define. Thanks for your help.

    • This reply was modified 5 years, 10 months ago by damian8m.
    • This reply was modified 5 years, 10 months ago by damian8m.
Viewing 14 posts - 1 through 14 (of 14 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?