From Graham Leggett <minf...@sharp.fm>
Subject Re: [PATCH] LDAP extension to apr-util (take 2)
Date Mon, 13 Aug 2001 18:20:01 GMT

Greg Stein wrote:

> I probably missed some conversation while I was away in July, but this is an
> awfully large chunk of code and functionality to put into APRUTIL. I don't
> see how this is sufficiently generic, or a set of utilities. LDAP is a
> really large item with lots of scariness to get things right. I'm worried
> that this limited functionality is going to grow without bounds over time.

The basic need for LDAP support in APR-util is to provide a common way
of binding LDAP to Apache.

The three pieces of functionality I propose to add to Apache that use
LDAP are:

- auth_ldap (complete - allows accesses to be authenticated against LDAP
users and authorised against LDAP groups)
- config from LDAP (next in line - allows Apache to pull lines of config
from objects on an LDAP server, large configfile-less Apache farms are
possible with this)
- serve LDAP content (allows Apache to embed LDAP attributes within
pages using mod_include)

Having LDAP in APR means that the two modules and the core need not
worry about where and how the LDAP server libraries are installed.

The additional code within the LDAP library is largely focused on
solving the problem of reusing LDAP connections, avoiding rebinding to
the LDAP server where it can be avoided, and avoiding compare queries to
the LDAP server through the use of a normal|shared memory cache.

> I'm all for a new apr-ldap CVS module / library. But its presence in APRUTIL
> feels very questionable to me.

It was suggested in the discussion in July that it go in APR-util and
not APR - though I don't have a reference...

If this code does not belong in APR, would it make sense to add it to
the Apache code directly?

minfrin@sharp.fm		"There's a moon
					over Bourbon Street
