The primary operation of LDAP servers. Provides the ability to retrieve multiple entries containing variable attribute sets using a defined query syntax. The syntax for LDAP filters is defined in RFC 2254.
Searches for entries matching: (&(givenName=daniel)(sn=fisher)) over the dc=ldaptive,dc=org DIT and returns entries containing just the mail and displayName attributes.
The following properties can be configured on a per request basis:
|baseDn||””||DN to search; An empty value searches the rootDSE;|
|filter||null||LDAP filter to execute|
|returnAttributes||ALL_USER||names of attributes to include in the search result|
|searchScope||SUBTREE||scope of the search; Valid values include: OBJECT, ONELEVEL, SUBTREE|
|timeLimit||0||length of time that a search operation should execute; A value of 0 means execute indefinitely; When the time limit arrives result will contain any result returned up to that point|
|sizeLimit||0||maximum number of entries to include in the search result; A value of 0 means includes all entries|
|derefAliases||NEVER||how aliases are dereferences; Valid values include: NEVER, SEARCHING, FINDING, ALWAYS|
|typesOnly||false||whether to return attribute types only, no values|
|binaryAttributes||null||attribute names that should be considered binary regardless of how they are stored|
The SearchFilter object provides support for both positional and named parameters. Values provided as parameters are escaped according to RFC 2254.
In this manner applications can define custom, readable filters for their users and then set the parameters accordingly.
Search Result Order
The result data stored in the SearchResponse, LdapEntry, and LdapAttribute objects are ordered as they are returned in the LDAP response. If you need to sort this data, static methods are available which sort elements naturally:
Search results can be sorted automatically by setting the following JVM switch: