We have a local LDAP directory that provides basic contact information about our user community. We would like to integrate this into some third-party hosted services that allow us to implement widgets that run arbitrary Javascript.
In order to connect Javascript to our LDAP directory, I would like to set up a simple LDAP-to-HTTP proxy that would accept HTTP GET requests, translate them into an appropriate LDAP query, and respond with directory information as JSON-encoded data.
In an ideal world, something like this:
GET /[email protected]
Would get me something like this:
{
"cn": "Bob Person",
"title": "System Administrator",
"sn": "Person",
"mail": "[email protected]",
"telepehoneNumber": "617-555-1212",
"givenName": "Bob"
}
(And this obviously assumes that the web application has locally configured information about what base DN to use, how to authenticate, etc).
I guess I could write one...but surely something like this already exists?
Taking Andrew's suggestion and turning this into an answer...
The consensus seems to be that there isn't a pre-existing solution out there and that I should just get off my lazy derriere and write one. So I did, and it's available from:
It's not especially pretty, but it works for my prototyping and I figure maybe someone else will find it useful someday. The code does not currently handle authentication. If you're lucky, it might handle a server disconnect. It does support JSONP, which is what I needed in order to integrate this with our third-party hosted service.
I did find one product out there that claims to do the same thing, but it's a commercial product and I don't know anything about the pricing.
This is an old question, however for anyone else looking for solutions in this space I've stumbled across Json2Ldap which exposes a LDAP server with a JSON-RPC protocol.
This provides you with the ability to build some pretty targeted queries and keep things nice and efficient. Also supports everything you would expect in terms of auth, tokens for different endpoints and controlling what type of level of abuse you'd like to open up your directly to by outside hands.
I do not know a ready solution.
On the other hand I would do it in Perl. Mojolicious and Net::LDAP makes it very easy to implement this.
I'm not aware of any.
The only plugin available to Apache, LDAP related, is obviously mod_ldap. However, it will only provide you with the authentication/authorization part. As for searching the directory, you will have to write a python/perl cgi module or servlet to process http/https requests for searching the ldap directory. There are many APIs available. For example:
http://ldap.perl.org/
http://directory.apache.org/api/five-minutes-tutorial.html
You're probably better off writing something to process your query and return it in JSON format.
Have you considered extending the code at https://www.web2ldap.de/download.html
It's a Web Browser to LDAP gateway, but shouldn't be difficult to adapt to return JPON.
I doubt you can do this with any client-side scripting languages due to a number of security issues but definitely possible through server-side scripting languages such as php or .net etc
EDIT: Take a look at this http://www.nimbusds.com/json2ldap.html or http://blog.dzhuvinov.com/?p=96