| < Day Day Up > |
|
As promised in Chapter 2, we now take a closer look at LDAP URLs, which are used to search in a directory. LDAP URLs are a handy tool to use in a browser because they allow us to query a directory using any number of widely available clients (Netscape, Opera, Internet Explorer, or others). The Konquerer Web browser — available for Linux (e.g., with the SuSE Linux distribution from version 7 and up) — is a favorite of the author. This browser allows you to browse inside a directory as you would a file system.
Note that LDAP URLs are not limited to use in Web browsers. They could also be used by programs (Perl, Java, C, etc.), by preprocessors in Web servers (such as PHP), and CGI (common gateway interface) scripts. For more information about LDAP URLs, see RFC 2255, "The LDAP URL Format."
Let us have a look at the syntax of an LDAP URL:
"1dap://"[hostname [":" portNumber] ] "/" baseDN [ query ]
where the query is:
["?" attributeList ["?" scope "?" filter ["?" extensions ] ] ]
hostname: IP number or host name of the directory server
portNumber: Port that the directory server is listening on
baseDN: Distinguished name needed to start the query
attributeList: Attributes to be returned by the query
scope: Scope of the query, which can be one of the values: base, one, sub (see the "Search Revisited" section at the beginning of this chapter for more information about the scope)
filterString: Query filter (see the discussion of filters in the "Search Revisited" section)
The square brackets indicate that the data inside them is optional. The rest — such as the quotation marks, colons, the slashes, and the LDAP text — have to be typed in.
You have to pay particular attention to the characters allowed in URLs. Indeed, a number of characters have special meaning and have to he "escaped" using the "%" prefix as describe in RFC 1738, "Uniform Resource Locators (URL)." The classic example is the space sign escaped with %20. For example, the URL o = University of Michigan, c = US would give:
ldap://www.openldap.org/o=University%20of%20Michigan,%20c=US?sn, cn?sub?sn=Zeilenga
Exhibit 26 lists the prohibited characters in LDAP URLs and their associated escape sequences.
Prohibited Characters | Escape Sequence |
---|---|
space | %20 |
< | %3C |
> | %3E |
" | %22 |
# | %23 |
% | %25 |
{ | %7B |
} | %7D |
| | %7C |
[ | %5B |
\ | %5C |
] | %5D |
^ | %5E |
' | %60 |
~ | %7E |
| < Day Day Up > |
|