CODEWITHSUNDEEP
searchfilterldapjndi
adbdkb
adbdkb

Reputation: 2181

How to combine two ldap queries / searches - ldap subqueries

I have two LDAP JNDI queries where:

1> One gets list of all users belonging to a specific group

below is my code for this

String group = StringUtils.isBlank(groupName) ? "*" : groupName
                    .endsWith("*") ? groupName : groupName + "*";
            // Create the search controls
            SearchControls searchCtls = new SearchControls();

            // Specify the search scope
            searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);

            // specify the LDAP search filter
            String searchFilter = "(&(objectClass=*)(CN=" + group + "))";

            // Specify the Base for the search
            // String searchBase =
            // "ou=internal,ou=groups,ou=people,dc=somecomp,dc=com";
            String searchBase = "";

            // initialize counter to total the group members
            int totalResults = 0;

            // Specify the attributes to return
            String returnedAtts[] = { "member" };
            searchCtls.setReturningAttributes(returnedAtts);

            // Search for objects using the filter
            NamingEnumeration<?> answer = ctx.search(searchBase, searchFilter,
                    searchCtls);

2> Second gets all the attributes for a user given a userid

This is the code for the second query

String attrName = "uid="
                    + userId
                    + ","
                    + (isInternal ? "ou=internal,"
                            : isExternal ? "ou=external,"
                                    : LDAPServicesConstants.EMPTY_STRING)
                    + "ou=people,dc=somecomp,dc=com";
            Attributes attrs = ctx.getAttributes(attrName);
            if (attrs != null) {
                for (NamingEnumeration<?> ae = attrs.getAll(); ae.hasMore();) {
                    Attribute attr = (Attribute) ae.next();
                    String uidAttribute = attr.getID();
                    if (!LDAPHelperUtilities.isSystemAttribute(ctx,
                            uidAttribute)) {
                        ArrayList<String> attrValues = new ArrayList<String>();
                        for (NamingEnumeration<?> attrEnum = attr.getAll(); attrEnum
                                .hasMore(); attrValues.add(String
                                .valueOf(attrEnum.next()))) {
                        }
                        userAttrs.put(uidAttribute.toLowerCase(),
                                (String[]) attrValues
                                        .toArray(new String[0]));
                        log.debug("value(s) : "
                                + Arrays.asList((String[]) userAttrs
                                        .get(uidAttribute.toLowerCase())));
                    }
                }

I have a need to combine these two queries into one as calling the second one for each uid from first is not an option ( it could return thousands of users ).

Is there a way I can combine these two and return a collection of collection of attributes for each user

Thank you

Upvotes: 1

Views: 5694

Answers (2)

ShaMan-H_Fel
ShaMan-H_Fel

Reputation: 2209

If it was Active Directory I would say use (&(objectClass=user)(memberOf=groupDN)).

Check if your LDAP server has similar field on the user object i.e. field which points to the groups of which the user is member. Then construct a filter using this field. Thus you will have only two queries - one for the group DN, and another one for all the users.

Upvotes: 1

user207421
user207421

Reputation: 311015

Just change 'returnedAtts' from "member" to "*". That gives you all the (non-operational) attributes.

Upvotes: 1

Related Questions