JSON-RPC web service for LDAP directory access
Json2Ldap is a JSON-RPC 2.0 web gateway for LDAP directory access.
Supported LDAP operations and controls
Json2Ldap supports all core LDAP operations (RFC 4510):
It also supports a number of popular LDAP controls and extensions:
- Authorisation identity bind control (RFC 3829).
- Server-side sorting of search results (RFC 2891).
- Simple paged results (RFC 2696).
- Virtual-list-view search control (draft-ietf-ldapext-ldapv3-vlv-09).
- Sub-tree delete (draft-armijo-ldap-treedelete-02).
Extended LDAP operations:
Directory server compatibility
Json2Ldap is compatible with any directory supporting the current version 3 of the Lightweight Directory Access Protocol (LDAP).
Popular directory servers:
Json2Ldap handles JSON remote procedure call (RPC) requests for all standard directory operations as well as requests for a few useful LDAP extensions. See the Json2Ldap web API.
- Directory connection
- Directory authentication
- Directory read and search
- Directory write operations
- Extended directory operations
- Utility functions
- Directory schema information
- SRP-6a authentication
- Web service information
- Access control: client access control (SSL / X.509 security, client IP whitelist, API keys).
- Web API settings: enable / disable Json2Ldap calls, exception reporting, HTTP response content type.
- LDAP connections: LDAP connection settings (directory server whitelists, security, auto-reconnect, time limits).
- Default LDAP server: specify a default LDAP directory server (single / replicated) for ldap.connect requests.
- Custom trust / key store for TLS/SSL LDAP: custom trust and / or key store for TLS / SSL LDAP connections.
- SRP-6a authentication: optional settings for Secure Remote Password (SRP-6a) authentication.
Json2Ldap uses the popular Log4j framework. The following event types can be selectively logged:
- On an HTTP request: method name, client IP, CORS origin (if applicable).
- On a JSON-RPC 2.0 request: method name, LDAP connection identifier (CID) (if applicable), response status (success or error code).
- The creation, termination and expiration of LDAP connections.
- Internal Json2Ldap exceptions.
Logging is configured by the
Sample LDAP directory server
A sample LDAP directory server is included in the Json2Ldap WAR to enable
evaluation and testing of the service without an external directory. The
sample directory is enabled / disabled and configured through the
System requirements and dependencies
Java servlet API 4.0.1+
The web service requires about 100 megabytes of memory to boot, then about 1 kilobyte for each open LDAP connection.
All package dependencies are included in the distributed Json2Ldap WAR file.