The UnboundID LDAP SDK for Java includes a number of data structures that are commonly used when creating and using connections and request and result objects. They are briefly outlined in this section.
Attributes are the fundamental units for storing information in LDAP. An Attribute object has a name and zero or more values, and may also have a matching rule which provides information about how the SDK should interact with values for that attribute. Attribute values are typically handled as strings, but may also be treated as byte arrays.
Attribute objects are immutable and contain methods for retrieving the attribute name and set of values.
An entry is a named collection of attributes that generally relate to a given object (e.g., a person). The name is a DN, or distinguished name, which will be discussed further below.
Entry objects are mutable and contain methods for retrieving and setting the DN, and for retrieving and altering the set of attributes. They also provide methods for representing the entry in LDIF form, and there is a constructor that can be used to create an entry from its LDIF representation.
A Modification describes a change that should be applied to an attribute in an entry. An LDAP modify operation includes one or more modifications.
A modification consists of a modification type, an attribute name, and zero or more values. The following modification types are supported (and are defined as constants in the Modification class):
Modification objects provide methods for retrieving the modification type, attribute name and set of values, but do not provide any methods for altering the content of the modification.
Search filters define a set of criteria that may be used to identify a set of matching entries, or to determine whether a given entry matches a set of criteria. There are ten types of filters that may be used in LDAP:
Because there are different kinds of filters, and there are different kinds of information in each type of filter, the Filter class does not contain any public constructors but instead it contains a number of static methods for creating various types of filters. It is possible to create filters from their string representations, but it is also possible to construct filters from their individual components. For example, the "createEqualityFilter(String attribute name, String assertionValue)" method can be used to create an equality filter with the specified name and value. Constructing filters in this manner rather than from a string representation has a number of benefits, including:
DN objects provide a representation of an entry's distinguished name. The DN of an entry uniquely identifies that entry in the directory and also provides information about its location in the directory hierarchy. A DN is comprised of zero or more relative distinguished names (RDNs), and each RDN is comprised of one or more name-value pairs.
In most cases within the LDAP SDK, it is possible to use the string representations of DNs and RDNs, but comparing distinguished names should always be done using DN objects, and comparing relative distinguished names should always be done using RDN objects. These objects will perform the comparisons in a more correct manner, ignoring insignificant capitalization and spacing differences, and differences in the order of the elements in a multivalued RDN. In addition, DN and RDN objects provide methods for obtaining normalized string representations. Finally, DN objects contain methods for retrieving the parent DN and for determining whether DN objects have a hierarchical relationship.