Testing the Erlang LDAP lib eldap with a local LDAP server the easy way
First we need to pick an LDAP server to run. I've heard horror stories about setting up LDAP servers locally for testing purposes, so I was surprised by how easy it was to set one up using Apache Directory Studio, a visual tool for managing Apache Directory from an Eclipse-based UI.
We start by downloading it from the Apache Directory Download Page.
After downloading and unpacking it (snippet for the lazy linux users):
wget http://mirrors.fe.up.pt/pub/apache//directory/studio/dist/2.0.0.v20130628/ApacheDirectoryStudio-linux-x86_64-2.0.0.v20130628.tar.gz
tar -xzf ApacheDirectoryStudio-linux-x86_64-2.0.0.v20130628.tar.gz
Now we start it. In my case I had some segfaults, as noted on the download page, so I had to add the variable declaration before the command. It works for Fedora; you may have to change the path a little:
GTK2_RC_FILES=/usr/share/themes/Raleigh/gtk-2.0/gtkrc ./ApacheDirectoryStudio
Now that we have it running we will see something like this:
We first create a new server by clicking on new server on the bottom left:
We pick "ApacheDS 2.0.0" just because we like to be on the bleeding edge (?):
If we double click the created server we can see the config, I leave everything as default:
We now start the server by clicking the green run button on the bottom left:
Then we want to create a connection, we do that by right clicking the server and selecting "Create a Connection":
Then we connect:
Now we can see the details of the server on the top left panel. We click the entry named "dc=example,dc=com" (in my case; if you changed the config it may be different for you).
On the pop-up menu we pick "New -> New Entry":
On the dialog we select "Create entry from scratch" and click next:
We want to create an organizational unit to hold our users, so we start typing "org" in the "Available object classes" field until we see the entry "organizationalUnit":
We select it and click the "Add" button, when the right panel is populated we click "Next >"
On the next step of the dialog we enter "ou" on the RDN entry and "users" on the right side and click "Next >"
On the next step we click "Finish"
Now we want to create a new user under our "users" organizational unit. To do that we right click on the users ou, again select "New -> New Entry", pick "Create entry from scratch" and then "Next >".
After that we look for the object class "inetOrgPerson" and click "Add" and then "Next >":
On the next step we enter uid as RDN and the username as value on the right side, in my case it will be mariano because I'm egocentric :P
Then we click "Next >" and on the next step we fill in cn (Common Name) and sn (Surname) and click "Finish".
By the way, dc is Domain Component and dn is Distinguished Name ;)
Now we have our first user but it doesn't have a password. Let's set it by double clicking the user on the top left panel and clicking "New Attribute" on the bar at the top of the center panel:
On the dialog that opens we pick "Attribute type" "userPassword" and click "Next >"
We enter a password:
And that's it, we have a user with a password inside an organization unit!
Now that we have the server running and one user, we can write some Erlang to try it.
Most of the code was taken from the Erlang Central article "How To Talk LDAP from Erlang".
1> Host = "127.0.0.1".
"127.0.0.1"
2> Port = 10389.
10389
3> {_,S} = eldap:open([Host], [{port, Port}]).
{ok,<0.37.0>}
4> UserRest = "ou=users,dc=example,dc=com".
"ou=users,dc=example,dc=com"
5> Username = "mariano".
"mariano"
6> Password = "secret".
"secret"
7> DN = "uid=" ++ Username ++ "," ++ UserRest.
"uid=mariano,ou=users,dc=example,dc=com"
8>
8> eldap:simple_bind(S, DN, Password).
ok
9> eldap:simple_bind(S, DN, "anothersecret").
{error,invalidCredentials}
And that's the basics. There's some more code in the article on which this code is based.
You can also find the docs for the eldap library in the Erlang documentation for eldap.
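The shell session above builds the bind DN by string concatenation and hands the password straight to eldap:simple_bind/3. As an added example (not from the original post or the Erlang Central article), here is the same check as a module that escapes the username per RFC 4514 and refuses empty passwords, which RFC 4513 defines as an unauthenticated bind. The module name ldap_auth and its function names are assumptions; host, port and base DN are the ones used in the session.

```erlang
%% Added example: credential check against the local test server.
-module(ldap_auth).
-export([check/2, escape_rdn/1]).

%% Assumed values, copied from the shell session in this post.
-define(HOST, "127.0.0.1").
-define(PORT, 10389).
-define(USER_BASE, "ou=users,dc=example,dc=com").

%% check(Username, Password) -> ok | {error, Reason}
check(_Username, Password) when Password =:= ""; Password =:= <<>> ->
    %% RFC 4513: a simple bind with a DN and an empty password is an
    %% "unauthenticated bind"; a server that permits it replies success,
    %% so it must never be treated as a successful login.
    {error, empty_password};
check("", _Password) ->
    {error, empty_username};
check(Username, Password) ->
    DN = "uid=" ++ escape_rdn(Username) ++ "," ++ ?USER_BASE,
    case eldap:open([?HOST], [{port, ?PORT}, {timeout, 5000}]) of
        {ok, S} ->
            %% Always close the connection, whatever the bind returns.
            try eldap:simple_bind(S, DN, Password)
            after eldap:close(S)
            end;
        {error, _} = Err ->
            Err
    end.

%% Escape a string for use as an RDN value (RFC 4514, section 2.4), so
%% a username such as "x,ou=admins" cannot change the DN being bound.
escape_rdn([$\s | T]) -> "\\ " ++ escape_body(T);   % leading space
escape_rdn([$# | T])  -> "\\#" ++ escape_body(T);   % leading '#'
escape_rdn(Value)     -> escape_body(Value).

escape_body([])       -> [];
escape_body([$\s])    -> "\\ ";                      % trailing space
escape_body([0 | T])  -> "\\00" ++ escape_body(T);   % NUL as hex pair
escape_body([C | T])  ->
    case lists:member(C, ",+\"\\<>;") of
        true  -> [$\\, C | escape_body(T)];
        false -> [C | escape_body(T)]
    end.
```

With the user created above, ldap_auth:check("mariano", "secret") returns ok and a wrong password returns {error,invalidCredentials}. The bind on port 10389 is plain LDAP, so the password crosses the wire unencrypted, which is acceptable only for a loopback test server like this one.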