Thread: JBDC LDAP support for connection parameters

JBDC LDAP support for connection parameters

From
John Neal
Date:

Does the postgres JDBC driver include LDAP support for connection parameters? I was able to get psql to connect with the parameters stored in LDAP using pg_service.conf (so I can confirm that the LDAP entry is correct), but a majority of our applications use jdbc to connect.

 

This is the document I used to configure with pg_service.conf, but I can’t find anything on doing something similar with JDBC:

http://www.postgresql.org/docs/9.1/static/libpq-ldap.html

 

For example, normally our java apps would connect to Oracle with a url like this:

jdbc:oracle:thin:@ldap://oid.myserver.com/ABC_APP_L3,cn=OracleContext

 

However, I’m not able to find a way to accomplish similar with postgres. I’ve confirmed that the driver (postgresql-9.3-1102.jdbc4.jar) works when specifying the hostname, dbname, and port, but I need it to function with LDAP. When using LDAP, this is what I would expect, but it doesn’t work.

jdbc:postgresql:@ldap:// oid.myserver.com/ ABC_APP_L3,cn=PostgresContext

 

I’d appreciate any advice.

 

John

Re: JBDC LDAP support for connection parameters

From
Sehrope Sarkuni
Date:
John,

No, the JDBC driver does not support loading data source configuration
from LDAP or using pg_service.conf. You'll need to specify the
database host/port/user as part of the JDBC connection string.

If this custom application code where you can dynamically generate the
JDBC URL then you could probably write it yourself (ie. query LDAP for
the server details and build the connection string from it).

If it's meant to be injected into an app server where you don't have
full control (ex: adding it as a JNDI resource to a JEE server)
though, I'm not sure of any workaround short of writing a wrapper JDBC
driver that transparently does the LDAP lookup for you and then
internally creates a PG JDBC connection from it.

Regards,
-- Sehrope Sarkuni
Founder & CEO | JackDB, Inc. | http://www.jackdb.com/

On Wed, Jul 23, 2014 at 3:25 PM, John Neal <john.neal@fedex.com> wrote:
> Does the postgres JDBC driver include LDAP support for connection
> parameters? I was able to get psql to connect with the parameters stored in
> LDAP using pg_service.conf (so I can confirm that the LDAP entry is
> correct), but a majority of our applications use jdbc to connect.
>
>
>
> This is the document I used to configure with pg_service.conf, but I can’t
> find anything on doing something similar with JDBC:
>
> http://www.postgresql.org/docs/9.1/static/libpq-ldap.html
>
>
>
> For example, normally our java apps would connect to Oracle with a url like
> this:
>
> jdbc:oracle:thin:@ldap://oid.myserver.com/ABC_APP_L3,cn=OracleContext
>
>
>
> However, I’m not able to find a way to accomplish similar with postgres.
> I’ve confirmed that the driver (postgresql-9.3-1102.jdbc4.jar) works when
> specifying the hostname, dbname, and port, but I need it to function with
> LDAP. When using LDAP, this is what I would expect, but it doesn’t work.
>
> jdbc:postgresql:@ldap:// oid.myserver.com/ ABC_APP_L3,cn=PostgresContext
>
>
>
> I’d appreciate any advice.
>
>
>
> John


Re: JBDC LDAP support for connection parameters

From
John Neal
Date:
Understood. Thank you for the help.

John

-----Original Message-----
From: Sehrope Sarkuni [mailto:sehrope@jackdb.com] 
Sent: Wednesday, July 23, 2014 3:18 PM
To: John Neal
Cc: pgsql-jdbc@postgresql.org
Subject: Re: [JDBC] JBDC LDAP support for connection parameters

John,

No, the JDBC driver does not support loading data source configuration from LDAP or using pg_service.conf. You'll need
tospecify the database host/port/user as part of the JDBC connection string.
 

If this custom application code where you can dynamically generate the JDBC URL then you could probably write it
yourself(ie. query LDAP for the server details and build the connection string from it).
 

If it's meant to be injected into an app server where you don't have full control (ex: adding it as a JNDI resource to
aJEE server) though, I'm not sure of any workaround short of writing a wrapper JDBC driver that transparently does the
LDAPlookup for you and then internally creates a PG JDBC connection from it.
 

Regards,
-- Sehrope Sarkuni
Founder & CEO | JackDB, Inc. | http://www.jackdb.com/

On Wed, Jul 23, 2014 at 3:25 PM, John Neal <john.neal@fedex.com> wrote:
> Does the postgres JDBC driver include LDAP support for connection 
> parameters? I was able to get psql to connect with the parameters 
> stored in LDAP using pg_service.conf (so I can confirm that the LDAP 
> entry is correct), but a majority of our applications use jdbc to connect.
>
>
>
> This is the document I used to configure with pg_service.conf, but I 
> can’t find anything on doing something similar with JDBC:
>
> http://www.postgresql.org/docs/9.1/static/libpq-ldap.html
>
>
>
> For example, normally our java apps would connect to Oracle with a url 
> like
> this:
>
> jdbc:oracle:thin:@ldap://oid.myserver.com/ABC_APP_L3,cn=OracleContext
>
>
>
> However, I’m not able to find a way to accomplish similar with postgres.
> I’ve confirmed that the driver (postgresql-9.3-1102.jdbc4.jar) works 
> when specifying the hostname, dbname, and port, but I need it to 
> function with LDAP. When using LDAP, this is what I would expect, but it doesn’t work.
>
> jdbc:postgresql:@ldap:// oid.myserver.com/ 
> ABC_APP_L3,cn=PostgresContext
>
>
>
> I’d appreciate any advice.
>
>
>
> John

Re: JBDC LDAP support for connection parameters

From
Craig Ringer
Date:
On 07/24/2014 04:17 AM, Sehrope Sarkuni wrote:
> John,
>
> No, the JDBC driver does not support loading data source configuration
> from LDAP or using pg_service.conf. You'll need to specify the
> database host/port/user as part of the JDBC connection string.
>
> If this custom application code where you can dynamically generate the
> JDBC URL then you could probably write it yourself (ie. query LDAP for
> the server details and build the connection string from it).
>
> If it's meant to be injected into an app server where you don't have
> full control (ex: adding it as a JNDI resource to a JEE server)
> though, I'm not sure of any workaround short of writing a wrapper JDBC
> driver that transparently does the LDAP lookup for you and then
> internally creates a PG JDBC connection from it.

It would make a great deal more sense to simply patch PgJDBC with the
desired LDAP support.

Patches like that are generally welcome if submitted upstream,
especially if they increase compatibility with and consistency wit libpq.

--
 Craig Ringer                   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services