ldap json file


Gajendra Mani Tripathi

May 8, 2017, 5:16:06 AM
to Nexus Users
Can I get a JSON file with which I can create a new LDAP connection in Nexus 3? I wanted to do automatic LDAP configuration by using a Dockerfile.
Can someone help me with this urgently?

Pablo García

May 8, 2017, 5:57:41 AM
to Gajendra Mani Tripathi, Nexus Users
Hi,

You can easily obtain the JSON data with basic tools like Chrome Developer Tools, by checking the POST to "http://<your-nexus-base-url>/service/extdirect" whenever you save the LDAP configuration via the admin panel.

Anyway, for the particular case that you mention, the JSON should look similar to:

{
   "action":"create",
   "method":"ldap_LdapServer",
   "data":[
      {
         "id":"",
         "name":"LDAP",
         "protocol":"ldap",
         "host":"",
         "port":,
         "searchBase":"",
         "authScheme":"simple",
         "authUsername":"",
         "authPassword":"",
         "connectionTimeout":30,
         "connectionRetryDelay":300,
         "maxIncidentsCount":5,
         "combo-1687-inputEl":"Active Directory",
         "userBaseDn":"",
         "userSubtree":true,
         "userObjectClass":"person",
         "userLdapFilter":"",
         "userIdAttribute":"sAMAccountName",
         "userRealNameAttribute":"cn",
         "userEmailAddressAttribute":"mail",
         "userPasswordAttribute":"",
         "ldapGroupsAsRoles":true,
         "groupType":"static",
         "groupBaseDn":"",
         "groupSubtree":false,
         "groupObjectClass":"group",
         "groupIdAttribute":"sAMAccountName",
         "groupMemberAttribute":"member",
         "groupMemberFormat":"${dn}"
      }
   ],
   "type":"rpc",
   "tid":26
}

Regards,



--
You received this message because you are subscribed to the Google Groups "Nexus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nexus-users+unsubscribe@glists.sonatype.com.
To post to this group, send email to nexus...@glists.sonatype.com.
To view this discussion on the web visit https://groups.google.com/a/glists.sonatype.com/d/msgid/nexus-users/e0baa01c-5d4e-4f13-89a3-ceec86ef81c5%40glists.sonatype.com.
For more options, visit https://groups.google.com/a/glists.sonatype.com/d/optout.


Gajendra Mani Tripathi

May 8, 2017, 6:50:39 AM
to Nexus Users, gajendra.t...@gmail.com
Hi 

I tried it with the below command:
curl -v -X PUT -u admin:admin123 --header "Content-Type: application/json" 'http://<nexus server URL>/service/extdirect' -d myldap.json

and myldap.json contains the below data:
{
   "action":"create",
   "method":"ldap_LdapServer",
   "data":[
      {
         "id":"",
         "name":"LDAP",
         "protocol":"ldap",
         "host":"internal.bal.com",
         "port": 389,
         "searchBase":"username",
         "authScheme":"simple",
         "authUsername":"gtripathi",
         "authPassword":"MjCcAction!",
         "connectionTimeout":30,
         "connectionRetryDelay":300,
         "maxIncidentsCount":5,
         "combo-1687-inputEl":"Active Directory",
         "userBaseDn":"dc=internal,dc=imsglobal,dc=com",
         "userSubtree":true,
         "userObjectClass":"person",
         "userLdapFilter":"none",
         "userIdAttribute":"sAMAccountName",
         "userRealNameAttribute":"cn",
         "userEmailAddressAttribute":"mail",
         "userPasswordAttribute":"user",
         "ldapGroupsAsRoles":true
      }
   ]  ,
   "type": "rpc",
   "tid": 26
}

It is not even creating a new LDAP connection. Am I doing something wrong? Please help me.

Thanks for your reply.


Pablo García

May 8, 2017, 7:11:05 AM
to Gajendra Mani Tripathi, Nexus Users
You must use POST.


Gajendra Mani Tripathi

May 8, 2017, 8:15:43 AM
to Nexus Users, gajendra.t...@gmail.com
Ohh, sorry. I tried the POST option now. It says 200 OK but I am getting the below message:
[hduxxser@dtsdvopdd1d json]$ curl -v -X POST  -u admin:admin123 --header "Content-Type: application/json" 'http://server:8081/service/extdirect' -d @ldap.json
* About to connect() to cdtsdvopdd1d port 8081 (#0)
*   Trying 162.xx.yyy.89...
* Connected to dtsdvopdd1d (162.xx.yyy.89) port 8081 (#0)
* Server auth using Basic with user 'admin'
> POST /service/extdirect HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4xMjM=
> User-Agent: curl/7.29.0
> Host: cdtsdvo111d:8081
> Accept: */*
> Content-Type: application/json
> Content-Length: 875
>
* upload completely sent off: 875 out of 875 bytes
< HTTP/1.1 200 OK
< Date: Mon, 08 May 2017 12:05:23 GMT
< Server: Nexus/3.3.1-01 (OSS)
< X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff
< Content-Type: application/json;charset=utf-8
< Content-Length: 604
<
* Connection #0 to host <server name> left intact
{"tid":26,"action":"create","method":"ldap_LdapServer","message":"RequestException: No action registered as 'create'","where":"","serverException":{"rootException":{"type":"com.softwarementors.extjs.djn.router.processor.RequestException","message":"No action registered as 'create'","where":""},"exception":{"type":"com.softwarementors.extjs.djn.router.processor.RequestException","message":"No action registered as 'create'","where":""},"exceptions":[{"type":"com.softwarementors.extjs.djn.router.processor.RequestException","message":"No action registered as 'create'","where":""}]},"type":"exception"}

Could you please help me with this?

Rich Seddon

May 8, 2017, 10:08:44 AM
to Gajendra Mani Tripathi, Nexus Users
I'd advise against using the calls made by the UI, that is not a supported REST API, it is an internal implementation detail, and it will change whenever changes are made to the Nexus 3 UI.

Using the scripting API is the recommended way to do provisioning:





Matt Benson

May 8, 2017, 11:03:03 AM
to Nexus Users, gajendra.t...@gmail.com
It is also my understanding that the scripting API is the way to go in Nexus 3. I haven't even encountered the documentation that explains what these calls earlier in this thread are even doing. ;)

That said, the LDAP APIs are not officially supported for scripting, nor is their code even available. I found another post someplace that basically explained it, and then I went digging to improve my understanding somewhat. You want to use the provided container binding to look up the available instance of org.sonatype.nexus.ldap.persist.LdapConfigurationManager and call its #addLdapServerConfiguration(org.sonatype.nexus.ldap.persist.entity.LdapConfiguration) method (for a repeatable script you can call #listLdapServerConfigurations() and find the configuration matching the one you are trying to add; if it exists you can call updateLdapServerConfiguration(org.sonatype.nexus.ldap.persist.entity.LdapConfiguration) instead).

To create the org.sonatype.nexus.ldap.persist.entity.LdapConfiguration instance you need, you can easily create it with LdapConfiguration.newInstance(m) where m is a Map created by a call to new JsonSlurper().parseText(args) (the LDAP configuration map could of course be just a portion of a larger JSON-parsed document). If you found the LdapConfiguration class you could run javap to see its structure, but the JSON structure is pretty simple:

{
   "name": "ldapConfig",
   "connection": {
      "host": {
         "protocol": "ldap|s",
         "hostName": "ldap.yourdomain.ext",
         "port": 389
      },
      "maxIncidentsCount": 3,
      "connectionRetryDelay": 300,
      "connectionTimeout": 15,
      "searchBase": "DC=yourdomain,DC=ext",
      "authScheme": "simple",
      "systemUsername": "CN=username,CN=Users,DC=yourdomain,DC=ext",
      "systemPassword": "password"
   },
   "mapping": {
      "userBaseDn": "OU=Users group",
      "userSubtree": true,
      "userObjectClass": "user",
      "userIdAttribute": "sAMAccountName",
      "userPasswordAttribute": "",
      "userRealNameAttribute": "displayName",
      "emailAddressAttribute": "mail",
      "ldapGroupsAsRoles": true,
      "userMemberOfAttribute": "memberOf"
   }
}

HTH,
Matt

Mariska

Sep 21, 2017, 5:39:32 AM
to Nexus Users
Brilliant! I was struggling with the other solution I found. Now it is really easy. Thanks!

The groovy script is simple now:
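import org.sonatype.nexus.ldap.persist.*
import org.sonatype.nexus.ldap.persist.entity.*

import groovy.json.JsonSlurper

// args is the JSON document passed to the script when it is run
def ldap = new JsonSlurper().parseText(args)
log.info("Configuring LDAP Connection.")

// Look up the LDAP configuration manager through the container binding
def manager = container.lookup(LdapConfigurationManager.class.name)

// Build the configuration from the parsed map and register it
manager.addLdapServerConfiguration(
    new org.sonatype.nexus.ldap.persist.entity.LdapConfiguration(ldap)
)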
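
Added example, not part of the original thread and not Sonatype's code: the repeatable variant Matt Benson describes, which looks up an existing configuration by name and updates it instead of adding a duplicate on every provisioning run. It uses only the manager methods named in the thread; the `name` and `id` properties on LdapConfiguration are assumptions, as is the LDAP API itself, which the thread notes is not officially supported for scripting.

```groovy
import groovy.json.JsonSlurper
import org.sonatype.nexus.ldap.persist.LdapConfigurationManager
import org.sonatype.nexus.ldap.persist.entity.LdapConfiguration

// `args`, `log` and `container` are the same script bindings used in the thread.
// `args` carries the JSON document in the structure Matt posted, so the bind
// password arrives with each run and is not hard-coded in the script body.
def wanted = new JsonSlurper().parseText(args)
if (!wanted?.name) {
    throw new IllegalArgumentException('LDAP configuration JSON needs a "name"')
}

def manager = container.lookup(LdapConfigurationManager.class.name)
def config = new LdapConfiguration(wanted)

// Assumption: each stored LdapConfiguration exposes `name` and `id` properties.
def existing = manager.listLdapServerConfigurations().find { it.name == wanted.name }

if (existing) {
    // Reuse the stored id so the update replaces that entry rather than adding a second one.
    config.id = existing.id
    manager.updateLdapServerConfiguration(config)
    log.info("Updated LDAP connection '${wanted.name}'")   // log the name only, never the password
} else {
    manager.addLdapServerConfiguration(config)
    log.info("Created LDAP connection '${wanted.name}'")
}
```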