Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/intoolswetrust/ldap-server
Simple in-memory LDAP server for testing purposes - single JAR based on ApacheDS
https://github.com/intoolswetrust/ldap-server
Last synced: 13 days ago
JSON representation
Simple in-memory LDAP server for testing purposes - single JAR based on ApacheDS
- Host: GitHub
- URL: https://github.com/intoolswetrust/ldap-server
- Owner: intoolswetrust
- License: apache-2.0
- Created: 2013-08-09T11:59:21.000Z (over 11 years ago)
- Default Branch: master
- Last Pushed: 2023-10-28T08:08:16.000Z (about 1 year ago)
- Last Synced: 2024-06-02T11:38:34.446Z (5 months ago)
- Language: Java
- Homepage:
- Size: 114 KB
- Stars: 151
- Watchers: 11
- Forks: 52
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ldap-server
Simple all-in-one LDAP server (wrapped [ApacheDS](http://directory.apache.org/apacheds/)).
You don't need any configuration files to get it working. Just launch the JAR and that's it.
Server data are not persisted, they just live in memory.
## Download
Download latest tag from [GitHub releases](https://github.com/kwart/ldap-server/releases)
### Docker container
If you search a lightweight Docker container with LDAP server for your testing, you can use `kwart/ldap-server`.
```bash
docker pull kwart/ldap-server
docker run -it --rm kwart/ldap-server
```
## Development
You can simply build the software yourself.
### How to get the sources
You should have [git](http://git-scm.com/) installed
```
git clone git://github.com/kwart/ldap-server.git
```
or you can download [current sources as a zip file](https://github.com/kwart/ldap-server/archive/master.zip)
### How to build it
You need to have [Maven](http://maven.apache.org/) installed
```bash
mvn clean package
```
### How to run it
```bash
java -jar ldap-server.jar [data.ldif]
```
#### Help
```
$ java -jar target/ldap-server.jar --help
The ldap-server is a simple LDAP server implementation based on ApacheDS. It
creates one user partition with root 'dc=ldap,dc=example'.
Usage: java -jar ldap-server.jar [options] [LDIFs to import]
Options:
--admin-password, -ap
changes password for account 'uid=admin,ou=system' (default password is
'secret')
--allow-anonymous, -a
allows anonymous bind to the server
Default: false
--bind, -b
takes [bindAddress] as a parameter and binds the LDAP server on the
address
Default: 0.0.0.0
--help, -h
shows this help and exits
Default: false
--port, -p
takes [portNumber] as a parameter and binds the LDAP server on that port
Default: 10389
--ssl-enabled-ciphersuite, -scs
takes [sslCipherSuite] as argument and enables it for 'ldaps'. Can be
used multiple times.
--ssl-enabled-protocol, -sep
takes [sslProtocolName] as argument and enables it for 'ldaps'. Can be
used multiple times. If the argument is not provided following are used:
TLSv1, TLSv1.1, TLSv1.2
--ssl-keystore-file, -skf
takes keystore [filePath] as argument. The keystore should contain
privateKey to be used by LDAPs
--ssl-keystore-password, -skp
takes keystore [password] as argument
--ssl-need-client-auth, -snc
enables SSL 'needClientAuth' flag
Default: false
--ssl-port, -sp
adds SSL transport layer (i.e. 'ldaps' protocol). It takes [portNumber]
as a parameter and binds the LDAPs server on the port
--ssl-want-client-auth, -swc
enables SSL 'wantClientAuth' flag
Default: false
Examples:
$ java -jar ldap-server.jar users.ldif
Starts LDAP server on port 10389 (all interfaces) and imports users.ldif
$ java -jar ldap-server.jar -sp 10636 users.ldif
Starts LDAP server on port 10389 and LDAPs on port 10636 and imports the LDIF
$ java -jar ldap-server.jar -b 127.0.0.1 -p 389
Starts LDAP server on address 127.0.0.1:389 and imports default data (one user
entry 'uid=jduke,ou=Users,dc=ldap,dc=example'
```
#### SSL/TLS
If you want to enable SSL/TLS ('ldaps') and use your own certificate, the generate (or import) the private key into a JKS keystore and provide path to it as argument.
```bash
# generate a keypair
keytool -validity 365 -genkey -alias myserver -keyalg RSA -keystore /tmp/ldaps.keystore -storepass 123456 -keypass 123456 -dname cn=myserver.mycompany.com
# use the generated keypair (-skf) with given password (-skp)
# We also enable detail SSL debug information by setting javax.net.debug system property.
java -Djavax.net.debug=all -jar target/ldap-server.jar -sp 1038389 -skf /tmp/ldaps.keystore -skp 123456
```
## Default LDIF
```
version: 1
dn: dc=ldap,dc=example
dc: ldap
objectClass: top
objectClass: domain
dn: ou=Users,dc=ldap,dc=example
objectClass: organizationalUnit
objectClass: top
ou: Users
dn: uid=jduke,ou=Users,dc=ldap,dc=example
objectClass: top
objectClass: person
objectClass: inetOrgPerson
cn: Java Duke
sn: duke
uid: jduke
userPassword: theduke
dn: ou=Roles,dc=ldap,dc=example
objectclass: top
objectclass: organizationalUnit
ou: Roles
dn: cn=Admin,ou=Roles,dc=ldap,dc=example
objectClass: top
objectClass: groupOfNames
cn: Admin
member: uid=jduke,ou=Users,dc=ldap,dc=example
```
## Deploy/Release
Deploy snapshots
```
mvn clean install deploy
```
Release
```
mvn -Prelease release:prepare
mvn -Prelease release:perform
```
## Sample usage (LDAP search)
The `ldapsearch` Linux tool is used in the following examples:
```bash
$ # Anonymous LDAP search
$ # the 172.17.0.2 is the IP address of the kwart/ldap-server docker container
$ ldapsearch -x -b "dc=ldap,dc=example" -LL -H ldap://172.17.0.2 | head -n 13
version: 1
dn: ou=Roles,dc=ldap,dc=example
ou: Roles
objectclass: top
objectclass: organizationalUnit
dn: cn=Admin,ou=Roles,dc=ldap,dc=example
cn: Admin
objectclass: top
objectclass: groupOfNames
member: uid=jduke,ou=Users,dc=ldap,dc=example
$ # LDAP search with a user authentication:
$ ldapsearch -x -b "dc=ldap,dc=example" -LL -H ldap://172.17.0.2 -D "uid=jduke,ou=Users,dc=ldap,dc=example" -w theduke | tail -n 10
dn: dc=ldap,dc=example
dc: ldap
objectclass: top
objectclass: domain
dn: ou=Users,dc=ldap,dc=example
ou: Users
objectclass: top
objectclass: organizationalUnit
```
## License
* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)