This post will give all the steps for creating LDAP from Apache Directory Studio. Here post will be using Apache Directory Studio 1.5.3 version.

1. Create LDAP Server

image

2. Start server

3. Create the Connection

(for the default instance of the Apache directory server, user name is ‘uid=admin,ou=system’ and the Bind password is ‘secret’)

image

4. Then browser LDPA by click on the connection.(If the connection is successfully established, you should see an outline of the Directory Information Tree (DIT) in the LDAP Browser view)

image

5. Right-click on the  node ou or dc and select New|New Entry. The New Entry wizard appears.

image

6. In the Entry Creation Method pane, select the Create entry from scratch radiobutton. Click Next.

image

7. Find the organizationalUnit object. Select it then click Add.

image

8.  Click Next. On the RDN field enter ou. On the value field enter ‘Groups. The DN Preview should like below

(Distinguished Name (dn), The Parent field should same like below)

image

9. Click Next. The Attributes window will appear. Examine the values.

image

10 . Do the same for Users as below

image

 

Now some users (Staff)

We'll place their personal information under the ou=users; whereas we'll place their authorization levels under the ou=groups.
Let's start with the ou=users. We'll be adding new user called ‘madhuka’. Person using theinetOrgPerson object.

The inetOrgPerson[1] object class is a general purpose object class that holds attributes about people.

11. Right-click the ou=Users entry. Select New. Select New Entry

image

12. Select Create entry from scratch. Click Next.

13. Find inetOrgPerson object. Select it then click Add.

image

14. On the RDN field enter cn. On the value field enter madhuka.

(If ‘dn’ not added defaults, you need to enter a Distinguished Name (dn).)

image

15. Under the sn attribute, enter ‘udantha’(sn stands for Surname)

16. You need to add a username for this user. Right-click on the same window. Select New Attribute. TheAttribute Type window will appear.

image
17. On the Attribute type field, enter uid. click for finsh

image

18. We need to add a password for this user. Right-click on the same window. Select New Attribute. The Attribute Type window will appear.

19. On the Attribute type field, enter userPassword.

20 . You will be asked to enter a password. Enter pass as the new password. Make sure that the Select Hash Method is set to SHA

image

Add the Groups (Authorization Levels)

21. Same like above steps we select ‘New Entry’ and ‘Create entry from scratch

22. In ‘Object Classes’ window we will pick ‘groupOfNames’, Select it then click Add.

image

23. RDN field enter cn. On the value field enter ‘admin’

24. As we pcik ‘groupOfNames’ we will have member field and for that value we make double click

24. Then DN edit will come and then browser for the user that we need.

image

25. Field will be picked as ‘cn=madhuka,ou=users,dc=example,dc=com’ (If you have few member you can add you can add some groups as well).

26. Here is LDAP Browser panel. Expand the Root DSE folder.

image

 

(If you pick ‘uniqueMember by slectinggroupOfUniqueNames’ object. A uniqueMember attribute. We'll be placing the Distinguished Name (dn) of our users in this entry. One uniqueMember attribute will represents one user.)

 

[1] http://www.faqs.org/rfcs/rfc2798.html

Posted by
Labels: Apache Apache Directory Studio LDAP Security WSO2 IS
0

Add a comment

We used have  Singleton Design Pattern in our applications whenever it is needed. As we know that in singleton design pattern we can create only one instance and can access in the whole application. But in some cases, it will break the singleton behavior.

There are mainly 3 concepts which can break singleton property of a singleton class in java. In this post, we will discuss how it can break and how to prevent those.

Here is sample Singleton class and SingletonTest class.

Singleton.Java

package demo1;

public final class Singleton {

    private static volatile Singleton instance = null;

    private Singleton() {
    }

    public static Singleton getInstance() {
        if (instance == null) {
            synchronized (Singleton.class) {
                if (instance == null) {
                    instance = new Singleton();
                }
            }
        }
        return instance;
    }
}

SingletonTest.java

 
package demo1;

public class SingletonTest {
    public static void main(String[] args) {
        Singleton object1 = Singleton.getInstance();
        Singleton object2 = Singleton.getInstance();
        System.out.println("Hashcode of Object 1 - " + object1.hashCode());
        System.out.println("Hashcode of Object 2 - " + object2.hashCode());
    }
}

Here is output, you can see it the same hashcode for objectOne and objectTwo

Hashcode of Object 1 - 1836019240
Hashcode of Object 2 - 1836019240
Now we will break this pattern. First, we will use java reflection.

Reflection

Java  Reflection is an API which is used to examine or modify the behavior of methods, classes, interfaces at runtime. Using Reflection API we can create multiple objects in singleton class. Consider the following example.

ReflectionSingleton.java

package demo1;

import java.lang.reflect.Constructor;

public class ReflectionSingleton {
    public static void main(String[] args)  {

        Singleton objOne = Singleton.getInstance();
        Singleton objTwo = null;
        try {
            Constructor constructor = Singleton.class.getDeclaredConstructor();
            constructor.setAccessible(true);
            objTwo = (Singleton) constructor.newInstance();
        } catch (Exception ex) {
            System.out.println(ex);
        }

        System.out.println("Hashcode of Object 1 - "+objOne.hashCode());
        System.out.println("Hashcode of Object 2 - "+objTwo.hashCode());

    }
}
Example to show how reflection can break the singleton pattern with Java reflect. You will get two hash code as below. It has a break on the singleton pattern.

Hashcode of Object 1 - 1836019240
Hashcode of Object 2 - 325040804
Prevent Singleton pattern from Reflection

There are many ways to prevent Singleton pattern from Reflection API, but one of the best solutions is to throw run time exception in the constructor if the instance already exists. In this, we can not able to create a second instance.

    private Singleton() {
        if( instance != null ) {
           throw new InstantiationError( "Creating of this object is not allowed." );
        }
    }

Deserialization

In serialization, we can save the object of a byte stream into a file or send over a network. Suppose if you serialize the Singleton class and then again de-serialize that object will create a new instance, hence deserialization will break the Singleton pattern.

Below code is to illustrate how the Singleton pattern breaks with deserialization.

Implements Serializable interface for Singleton Class.

DeserializationSingleton.Java

package demo1;

import java.io.*;

public class DeserializationSingleton {

    public static void main(String[] args) throws Exception {

        Singleton instanceOne = Singleton.getInstance();
        ObjectOutput out = new ObjectOutputStream(new FileOutputStream("file.text"));
        out.writeObject(instanceOne);
        out.close();

        ObjectInput in = new ObjectInputStream(new FileInputStream("file.text"));
        Singleton instanceTwo = (Singleton) in.readObject();
        in.close();

        System.out.println("hashCode of instance 1 is - " + instanceOne.hashCode());
        System.out.println("hashCode of instance 2 is - " + instanceTwo.hashCode());
    }

}
The output is below and you can see two hashcodes.

hashCode of instance 1 is - 2125039532
hashCode of instance 2 is - 381259350

Prevent Singleton Pattern from Deserialization

To overcome this issue, we need to override readResolve() method in Singleton class and return same Singleton instance. Update Singleton.java, with below method.

   protected Object readResolve() { 
           return instance; 
     }  

Now run above DeserializationDemo class and see the output.

hashCode of instance 1 is - 2125039532
hashCode of instance 2 is - 2125039532

Cloning

Using the "clone" method we can create a copy of original object, samething if we applied clone in singleton pattern, it will create two instances one original and another one cloned object. In this case will break Singleton principle as shown in below code.

Implement the "Cloneable" interface and override the clone method in the above Singleton class.

Singleton.java

 
    @Override
    protected Object clone() throws CloneNotSupportedException  {
        return super.clone();
    }

Then Test with cloning for breaking the singleton
CloningSingleton.java

 
public class CloningSingleton {
    public static void main(String[] args) throws CloneNotSupportedException, Exception {
        Singleton instanceOne = Singleton.getInstance();
        Singleton instanceTwo = (Singleton) instanceOne.clone();
        System.out.println("hashCode of instance 1 - " + instanceOne.hashCode());
        System.out.println("hashCode of instance 2 - " + instanceTwo.hashCode());
    }

}

Here is the output

hashCode of instance 1 - 1836019240
hashCode of instance 2 - 325040804

If we see the above output, two instances have different hashcodes means these instances are not the same.


Prevent Singleton Pattern from Cloning

In the above code, breaks the Singleton principle i. e created two instances. To overcome the above issue we need to implement/override clone() method and throw an exception CloneNotSupportedException from clone method. If anyone try to create clone object of Singleton, it will throw an exception as see below code.

    @Override
    protected Object clone() throws CloneNotSupportedException  {
        throw new CloneNotSupportedException();
    }

Now we can run the CloningSingleton class, it will throw CloneNotSupportedException while creating a clone object of Singleton object.


Posted by
Labels: Design Pattern Design Patterns java java8 software development
13

View comments

I am
I am
Archives
Archives
Total Pageviews
Total Pageviews
2 0 5 6 2 3 8
Categories
Categories
Loading