LDAP Gateway Properties

You configure the following LDAP Gateway properties in the ldap-gateway.yaml file.

LDAP Gateway Configuration Properties describes the LDAP Gateway JMS properties for ActiveMQ:
Table 1. LDAP Gateway Configuration Properties
Property Description
spring.activemq.broker-url The URL of ActiveMQ.
spring.activemq.user The user for the ActiveMQ connection.
spring.activemq.password The ActiveMQ user's password.
ldap.url The URL of the LDAP pod to which you want to send requests. LDAP Gateway connects to each LDAP cluster and LDAP pod using a single URL. Load balancing and failover are performed using a network IP alias through this URL. Configure a single URL as follows: ldap://ldaphost:port

Where ldap://ldaphost:port defines a network alias that points to a mirror mode or a forest configuration, depending on the LDAP pod type. For example: ldap://ldaphost1:3891

For information about setting up a mirror mode or forest configuration for an LDAP pod, see the documentation for that specific LDAP pod type.

If LDAP Gateway fails to make a connection with the LDAP pod, it returns an error message to the Charging Server.

ldap.base The base to use for LDAP searches.
ldap.search.filter The search filter to use. If the Charging Server request does not contain a filter, then the one defined at the LDAP level is used.

Filters can only be set in a Charging Server request, but this is optional. Filters are not set in the response.

ldap.searchSubTree True or false.
ldap.attributes List of attributes to return from the LDAP pod.
ldap.user The LDAP Gateway user for the ActiveMQ connection.
ldap.pass The password of the LDAP Gateway user.
ldap.gateway.service.subDomains Defines the available sub-domains. For example:
subDomains:
  - name: subDomain1
    inboundQueueName: ldap_request_queue
    outboundQueueName: ldap_response_queue
  - name: subDomain2
    inboundQueueName: inbound_two
    outboundQueueName: outbound_two
ldap.gateway.service.subDomains.name The name of the sub-domain for sub-domain routing. If sub-domain routing is not used, there is only one named sub-domain.
ldap.gateway.service.subDomains.inboundQueueName The name of the ActiveMQ request queue. Defaults to ldap_request_queue for the first sub-domain in the subDomains list.
ldap.gateway.service.subDomains.outboundQueueName The name of the ActiveMQ response queue. Defaults to ldap_response_queue for the first sub-domain in the subDomains list.
ldap.gateway.service.gatewayProxy.host The host name of the Gateway Proxy.
ldap.gateway.service.gatewayProxy.port The port number of the Gateway Proxy.
ldap.deref_aliases Defines how aliases are handled when performing the LDAP request. Valid values are:
  • always — Always dereference aliases.
  • never — (Default) Never dereference aliases.
  • finding — Dereference aliases only during name resolution.
  • searching — Dereference aliases only after name resolution.
ldap.search_controls Defines the search control value to use when performing the LDAP request:
  • 0 — Search the named object.
  • 1 — (Default) Search one level of the named context.
  • 2 — Search the entire subtree rooted at the named object.
The following gateway properties define mappings between the Charging Server and the LDAP pod for input and output parameters.
gateway.have_response_extension Indicates whether to use a response extension MDC:
  • false — (Default) Do not use a response extension.
  • true — Use the response extension MDC defined in the response_extension_name property.
gateway.is_version_pinning Indicates whether to use version pinning:
  • false — (Default) Do not use version pinning.
  • true — Use version pinning.
gateway.reqMap Maps incoming request parameters from the Charging Server to LDAP attributes. For example:
gateway:
  reqMap:
    - location: 0
      paramLdap: cellid
      paramMdc: Cellid    
    - location: 1
      paramLdap: msisdn
      paramMdc: Msisdn
Where:
  • location — Defines the index of the parameter in the LDAP query string.
  • paramLdap — Defines the LDAP attribute name to be used when querying LDAP pod.
  • paramMdc — Defines the field name from the custom/base request MDC that the Charging Server sends to LDAP Gateway. This field name is used to retrieve the value and map it to the LDAP request attribute specified in paramLdap.
In the example, if the search filter defined in the ldap.search.filter property is (|(&(objectClass=fmsmapping)(cellid=${0}))(&(objectClass=subscriber)(msisdn=${1}))), LDAP Gateway replaces the 0 in the LDAP query with the cellid value received from the Charging Server. For a cellid of 1234, the resulting search filter is: (|(&(objectClass=fmsmapping)(cellid=${1234}))(&(objectClass=subscriber)(msisdn=${1})))
gateway.rspMap Maps LDAP response attributes to the custom/base MDC response to the Charging Server. For example:
gateway:
  rspMap:
    - paramLdap: postcode
      paramMdc: Postcode
    - paramLdap: providerName
      paramMdc: ProviderName
Where:
  • paramLdap — Defines the LDAP attribute name received from the LDAP pod.
  • paramMdc — Defines the field name from the custom/base response MDC that LDAP Gateway sends to the Charging Server.
In the example, LDAP Gateway maps the postcode value received from LDAP pod to the Postcode attribute of the Charging Server response object.
gateway.response_extension_name If needed, specifies the name of the custom response extension MDC to use.
gateway.destinationServerMap Specifies the LDAP pods to use for specific requests, so that those requests are sent to specific URLs. Use the following format:
gateway:
  destinationServerMap:
    - paramMdc: server_name
      paramLdap: server_url
    - paramMdc: server_name
      paramLdap: server_url
Where:
  • server_name — Maps to the destination pod name specified in the Destination pod field in the LDAP callout action configured for the request in My MATRIXX.
  • server_url — Specifies the URL of the LDAP pod to use for the request.
Note: Do not configure this list if you are using only one LDAP pod for LDAP requests or if the LDAP service can send requests to any available LDAP pod.
For information about configuring LDAP callout actions, see the discussion about PreRating in My MATRIXX Help.
gateway.concurrency A numeric string range in the format start_number-end_number that sets the number of application threads that read from the Charging Server pool, for example: 3-10. LDAP Gateway allocates the start_number of application threads to read from the Charging Server pool and increases the number of threads according to performance requirements until it reaches the end_number.
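The placeholder substitution described for gateway.reqMap and ldap.search.filter, sketched in Python as an added example (not MATRIXX code). It assumes the whole ${n} placeholder is replaced by the request value and applies RFC 4515 escaping so that a value cannot alter the filter structure; the function names and request values are constructed, and this page does not state how LDAP Gateway itself treats such characters.

```python
import re

# RFC 4515: these characters are escaped as \XX inside an assertion value
# so that a value cannot change the structure of the filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape one assertion value for use inside an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def render_filter(template, req_map, mdc_fields):
    """Fill ${location} placeholders from the request MDC fields.

    req_map mirrors gateway.reqMap (location, paramLdap, paramMdc).
    Assumption: the whole ${n} placeholder is replaced by the escaped value.
    """
    by_location = {str(e["location"]): e["paramMdc"] for e in req_map}

    def substitute(match):
        index = match.group(1)
        if index not in by_location:
            raise KeyError(f"no reqMap entry for placeholder ${{{index}}}")
        field = by_location[index]
        if field not in mdc_fields:
            raise KeyError(f"request MDC has no field {field!r}")
        return escape_filter_value(str(mdc_fields[field]))

    # Single pass: substituted values are never rescanned, so a value that
    # itself contains "${1}" is not expanded a second time.
    return re.sub(r"\$\{(\d+)\}", substitute, template)


# Filter and reqMap from the page's example; request values are constructed.
FILTER = ("(|(&(objectClass=fmsmapping)(cellid=${0}))"
          "(&(objectClass=subscriber)(msisdn=${1})))")
REQ_MAP = [
    {"location": 0, "paramLdap": "cellid", "paramMdc": "Cellid"},
    {"location": 1, "paramLdap": "msisdn", "paramMdc": "Msisdn"},
]

if __name__ == "__main__":
    print(render_filter(FILTER, REQ_MAP, {"Cellid": "1234", "Msisdn": "447700900123"}))
    # Filter metacharacters in a value stay inside the assertion value.
    print(render_filter(FILTER, REQ_MAP, {"Cellid": "12*", "Msisdn": "a)(b"}))
```

A request that lacks a field named in reqMap raises KeyError here rather than sending a filter with an unfilled placeholder.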
The following example ldap-gateway.yaml file shows the format and sample properties for LDAP Gateway:
server:
  port: 8707
ldap:
  attributes: localityName
  base: dc=sdp,dc=com
  pass: secret
  request_queue: ldap_request_queue
  response_rows: 100
  response_queue: ldap_response_queue
  search_filter: (&(objectclass=person)(mobile=${0}))
  search_sub_tree: true
  timeout_millis: 30000
  url: ldap://localhost:3890
  user: uid=admin,ou=system
  gateway:
    service:
      subDomains:
        - name: subDomain1
          inboundQueueName: ldap_request_queue
          outboundQueueName: ldap_response_queue
        - name: subDomain2
          inboundQueueName: inbound_two
          outboundQueueName: outbound_two
        - name: subDomain3
          inboundQueueName: inbound_three
          outboundQueueName: outbound_three
      gatewayProxy:
        host: localhost
        port: 4080
  deref_aliases: never
  search_controls: 2

logging:
  level:
    com:
      matrixx:
        gw: DEBUG

  pattern:
    console: '%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n'
    file: '%d %p %c{1.} [%t] %m%n'
management:
  endpoints:
    enabledByDefault: true
    web:
      exposure:
        include: '*'
  endpoint:
    info:
      enabled: true
    health:
      showDetails: always
      enabled: true
    metrics:
      enabled: true
    camelroutes:
      enabled: true
      readOnly: true
    prometheus:
      enabled: true
    loggers:
      enabled: true
  metrics:
    tags:
      application: ldap-gateway
gateway:
  attributes: CommunityId-List
  filter: (|(&(objectClass=fmsmapping)(cellid=${0}))(&(objectClass=subscriber)(msisdn=${1})))
  have_response_extension: true
  is_version_pinning: false
  reqMap:
    - location: 0
      paramLdap: cellid
      paramMdc: Cellid
    - location: 1
      paramLdap: msisdn
      paramMdc: Msisdn
  rspMap:
    - paramLdap: postcode
      paramMdc: Postcode
    - paramLdap: providerName
      paramMdc: ProviderName
  response_extension_name: MyMtxLdapResponseExtensionData
  destinationServerMap:
    - paramMdc: FINANCE
      paramLdap: ldap://129.1.1.1:10389
    - paramMdc: GENERAL
      paramLdap: ldap://129.1.1.2:10389
  concurrency: 3-10

spring:
  activemq:
    broker-url: tcp://localhost:61616
    password: admin
    user: admin
    pool:
      enabled: true
      max-connections: 50
  jackson:
    serialization:
      WRITE_DATES_AS_TIMESTAMPS: false
  main:
    allow-bean-definition-overriding: true

version:
  extensionVersion: 5210
  schemaVersion: 5210