A simple proxy that turns HTTP GET requests into LDAP queries and then returns JSON-encoded results.
ldap2json requires the bottle framework.
Running ldap2json from the command line:
./ldap2json.py [ -f configfile ]
If a search returns an empty result, ldap2json will return a 404 status code to the caller.
Otherwise, the return value is a list of [DN, attribute_dictionary] tuples, where DN is the distinguished name of the record and attribute_dictionary is a key/value dictionary of attributes. The values of the attribute dictionary will always be lists, even if attributes are single-valued.
ldap2json uses a simple INI-style configuration file.
The global section of the config file may contain values for the following:
host-- Bind address for the web application.port-- Port on which to listen.debug-- Enable some debugging output if true. This will also causebottleto reload the server if the source files change.
The ldap section may contain two values:
uri-- anldap://URI specifying the endpoint for queries.basedn-- the base DN to use for searches.
An example ldap section might look like this:
[ldap] uri = ldap://ldap.example.com basedn = "ou=people, dc=example, dc=com"
Note that due to my use of the configobj module, strings containing commas must be quoted.
ldap2json will use memcache, if it's available, for caching results. The
memcache section may contain values for the following:
servers-- a comma-separated list of memcachehost:portservers.lifetime-- the lifetime of items added to the cache.
An example memcache section might look like this:
[memcache] servers = 127.0.0.1:11211 lifetime = 600
Assuming that the server is running on localhost port 8080, the
following:
$ curl http://localhost:8080/ldap?cn=alice*
Might return something like this:
[
[
"uid=alice,ou=people,o=Example Organization,c=US",
{
"telephoneNumber": [
"+1-617-555-1212"
],
"description": [
"employee"
],
"title": [
"Ninja"
],
"sn": [
"Person"
],
"mail": [
"[email protected]"
],
"givenName": [
"Alice"
],
"cn": [
"Alice Person"
]
}
]
]