--- /dev/null
+
+
+
+
+
+
+Network Working Group T. Howes
+Request for Comments: 1959 M. Smith
+Category: Standards Track University of Michigan
+ June 1996
+
+
+ An LDAP URL Format
+
+Status of this Memo
+
+ This document specifies an Internet standards track protocol for the
+ Internet community, and requests discussion and suggestions for
+ improvements. Please refer to the current edition of the "Internet
+ Official Protocol Standards" (STD 1) for the standardization state
+ and status of this protocol. Distribution of this memo is unlimited.
+
+1. Abstract
+
+ LDAP is the Lightweight Directory Access Protocol, defined in [1] and
+ [2]. This document describes a format for an LDAP Uniform Resource
+ Locator which will allow Internet clients to have direct access to
+ the LDAP protocol. While LDAP currently is used only as a front end
+ to the X.500 directory, the URL format described here is general
+ enough to handle the case of stand-alone LDAP servers (i.e., LDAP
+ servers not back-ended by X.500).
+
+2. URL Definition
+
+ An LDAP URL begins with the protocol prefix "ldap" and is defined by
+ the following grammar.
+
+ <ldapurl> ::= "ldap://" [ <hostport> ] "/" <dn> [ "?" <attributes>
+ [ "?" <scope> "?" <filter> ] ]
+
+ <hostport> ::= <hostname> [ ":" <portnumber> ]
+
+ <dn> ::= a string as defined in RFC 1485
+
+ <attributes> ::= NULL | <attributelist>
+
+ <attributelist> ::= <attributetype>
+ | <attributetype> [ "," <attributelist> ]
+
+ <attributetype> ::= a string as defined in RFC 1777
+
+ <scope> ::= "base" | "one" | "sub"
+
+ <filter> ::= a string as defined in RFC 1558
+
+
+
+Howes & Smith Standards Track [Page 1]
+\f
+RFC 1959 An LDAP URL Format June 1996
+
+
+ The ldap prefix indicates an entry or entries residing in the LDAP
+ server running on the given <hostname> at the given <portnumber>.
+ The default port is TCP port 389. The <dn> is an LDAP Distinguished
+ Name using the string format described in [1], with any URL-illegal
+ characters (e.g., spaces) escaped using the % method described in RFC
+ 1738.
+
+ The <attributes> construct is used to indicate which attributes
+ should be returned from the entry or entries. Individual
+ <attributetype> names are as defined for AttributeType in RFC 1777.
+ If the <attributes> part is omitted, all attributes of the entry or
+ entries should be returned.
+
+ The <scope> construct is used to specify the scope of the search to
+ perform in the given LDAP server. The allowable scopes are "base"
+ for a base object search, "one" for a one-level search, or "sub" for
+ a subtree search. If <scope> is omitted, a scope of "base" is
+ assumed.
+
+ The <filter> is used to specify the search filter to apply to entries
+ within the specified scope during the search. It has the format
+ specified in [4], with any URL-illegal characters escaped using the %
+ method described in RFC 1738. If <filter> is omitted, a filter of
+ "(objectClass=*)" is assumed.
+
+ Note that if the entry resides in the X.500 namespace, it should be
+ reachable from any LDAP server that is providing front-end access to
+ the X.500 directory. If the <hostport> part of the URL is missing,
+ the URL can be resolved by contacting any X.500-back-ended LDAP
+ server.
+
+3. Examples
+
+ The following are some example LDAP URLs using the format defined
+ above. An LDAP URL referring to the University of Michigan entry,
+ available from any X.500-capable LDAP server:
+
+ ldap:///o=University%20of%20Michigan,c=US
+
+ An LDAP URL referring to the University of Michigan entry in a
+ particular ldap server:
+
+ ldap://ldap.itd.umich.edu/o=University%20of%20Michigan,c=US
+
+ This URL corresponds to a base object search of the "o=University of
+ Michigan, c=US" entry using a filter of (objectclass=*), requesting
+ all attributes.
+
+
+
+
+Howes & Smith Standards Track [Page 2]
+\f
+RFC 1959 An LDAP URL Format June 1996
+
+
+ An LDAP URL referring to only the postalAddress attribute of the
+ University of Michigan entry:
+
+ ldap://ldap.itd.umich.edu/o=University%20of%20Michigan,c=US?postalAddress
+
+ The corresponding LDAP search operation is the same as in the
+ previous example, except that only the postalAddress attribute is
+ requested.
+
+ An LDAP URL referring to the set of entries found by querying any
+ X.500-capable LDAP server and doing a subtree search of the
+ University of Michigan for any entry with a common name of "Babs
+ Jensen", retrieving all attributes:
+
+ ldap:///o=University%20of%20Michigan,c=US??sub?(cn=Babs%20Jensen)
+
+ An LDAP URL referring to all children of the c=GB entry:
+
+ ldap://ldap.itd.umich.edu/c=GB?objectClass?one
+
+The objectClass attribute is requested to be returned along with the
+entries.
+
+4. Security Considerations
+
+ The LDAP URL format does not provide a way to specify credentials to
+ use when resolving the URL. Therefore, it is expected that such
+ requests will be unauthenticated. The security implications of
+ resolving an LDAP URL are the same as those of resolving any LDAP
+ query. See the RFC 1777 for more details.
+
+5. Prototype Implementation Availability
+
+ There is a prototype implementation of the specification defined in
+ this document available. It is an extension to the libwww client
+ library, provided in both source and binary forms. Also included are
+ binary versions of the Mosaic WWW client for various platforms. See
+ the following URL for more details:
+
+ ftp://terminator.rs.itd.umich.edu/ldap/url/
+
+
+
+
+
+
+
+
+
+
+
+Howes & Smith Standards Track [Page 3]
+\f
+RFC 1959 An LDAP URL Format June 1996
+
+
+6. Bibliography
+
+ [1] Kille, S., "A String Representation of Distinguished Names",
+ RFC 1779, March 1995.
+
+ [2] Yeong, W., Howes, T., and S. Kille, "Lightweight
+ Directory Access Protocol", RFC 1777, March 1995.
+
+ [3] Howes, R., Kille, S., Yeong, W., and C. Robbins, "The String
+ Representation of Standard Attribute Syntaxes", RFC 1778,
+ March 1995.
+
+ [4] Howes, T., "A String Representation of LDAP Search Filters",
+ RFC 1558, December 1993.
+
+ [5] Berners-Lee, T., Masinter, L., and M. McCahill, "Uniform
+ Resource Locators (URL)", RFC 1738, December 1994.
+
+7. Acknowledgements
+
+ This material is based upon work supported by the National Science
+ Foundation under Grant No. NCR-9416667.
+
+8. Authors' Addresses
+
+ Tim Howes
+ University of Michigan
+ ITD Research Systems
+ 535 W William St.
+ Ann Arbor, MI 48103-4943
+ USA
+
+ Phone: +1 313 747-4454
+ EMail: tim@umich.edu
+
+
+ Mark Smith
+ University of Michigan
+ ITD Research Systems
+ 535 W William St.
+ Ann Arbor, MI 48103-4943
+ USA
+
+ Phone: +1 313 764-2277
+ EMail: mcs@umich.edu
+
+
+
+
+
+
+Howes & Smith Standards Track [Page 4]
+\f