Previous | Next | Trail Map | Tips for LDAP Users | Contents

Controls and Extensions

The LDAP v3 protocol was designed with extensibility in mind. It is extensible in two ways: by using controls and extensions.

Controls

The LDAP v3 allows the behavior of any operation to be modified through the use of controls. The protocol allows any number of controls to be sent along with an LDAP request, and any number of controls to be returned with its results. For example, you can send a "sort" control along with a "search" operation that tells the server to sort the results of the search according to its "name" attribute. Controls can be standard or proprietary. The Controls section of this lesson describes controls in detail and gives examples of how to use some of the more popular controls.

Extensions

In addition to the repertoire of predefined operations, such as "search" and "modify," the LDAP v3 protocol defines an extended operation. The extended operation takes a request as argument and returns a response. The request contains an identifier that identifies the request and the arguments of the request. The response contains the results of performing the request. The pair of extended operation request/response is called an extension. For example, there can be an extension for "Start TLS," which is a request for the client to the server to activate the TLS protocol. These extensions can be standard (defined by the LDAP community) or proprietary (defined by a particular directory vendor). The Extensions section of this lesson describes extensions in more detail.

The javax.naming.ldap Package

Controls and extensions are supported by classes and interfaces in the javax.naming.ldap(in the API reference documentation) package. The core interface in this package is LdapContext(in the API reference documentation) , which defines methods on a context for performing extended operations and handling controls. The rest of the package contains classes and interfaces for representing controls and extensions.
Software Requirements: In addition to the software requirements listed in the Preparations (in the Basics trail) lesson, you also need the ldapbp.jar archive file when using the examples in this lesson. The ldapbp.jar file can be downloaded as part of the LDAP service provider from the JNDI Web site.

Server Requirements: The examples in this lesson depend on server support for certain features. Specifically, the examples use the server-side sorting control and the virtual-list-view control. The Netscape Directory Server 4.1 supports both of these controls. Note that this server supports the virtual-list-view control only for authenticated clients.

Previous | Next | Trail Map | Tips for LDAP Users | Contents