directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From szoer...@apache.org
Subject svn commit: r647564 - /directory/sandbox/szoerner/apacheds-documentation/tutorial/src/main/docbook/howToBegin/someBackground.xml
Date Sun, 13 Apr 2008 12:02:23 GMT
Author: szoerner
Date: Sun Apr 13 05:02:23 2008
New Revision: 647564

URL: http://svn.apache.org/viewvc?rev=647564&view=rev
Log:
added some content from cwiki

Modified:
    directory/sandbox/szoerner/apacheds-documentation/tutorial/src/main/docbook/howToBegin/someBackground.xml

Modified: directory/sandbox/szoerner/apacheds-documentation/tutorial/src/main/docbook/howToBegin/someBackground.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/szoerner/apacheds-documentation/tutorial/src/main/docbook/howToBegin/someBackground.xml?rev=647564&r1=647563&r2=647564&view=diff
==============================================================================
--- directory/sandbox/szoerner/apacheds-documentation/tutorial/src/main/docbook/howToBegin/someBackground.xml
(original)
+++ directory/sandbox/szoerner/apacheds-documentation/tutorial/src/main/docbook/howToBegin/someBackground.xml
Sun Apr 13 05:02:23 2008
@@ -44,24 +44,39 @@
 		</para>
 
 		<para>
-			Within information technology the term directory is used for
-			a special kind of data storage. It allows the structured
-			storage and efficient retrieval of objects which are often
-			derived from the real world (e.g. persons, IT equipment).
-			Characteristic:
-			<!--  TODO Bullet list -->
+			Within information technology the term
+			<emphasis>directory</emphasis>
+			is used for a special kind of data storage. It allows the
+			structured storage and efficient retrieval of objects which
+			are often derived from the real world (e.g. persons, IT
+			equipment). Characteristic:
+			<itemizedlist mark='bullet'>
+				<listitem>
+					<para>
+						all data is stored in so called
+						<emphasis>entries</emphasis>
+					</para>
+				</listitem>
+				<listitem>
+					<para>
+						the set of entries within a directory forms a
+						tree (hierarchical database)
+					</para>
+				</listitem>
+			</itemizedlist>
 		</para>
 
 		<para>
-			A directory service is a solution which offers users access
-			to the information stored in the directory. A directory
-			assistance (call center agent) is a good real world example
-			for such a service. Within information technologies, such
-			services are normally provided by software components.
-			Directory services provide access to the content of a
-			directory via a well-defined interface. If a network is
-			used, an appropriate protocol has to be defined. LDAP (see
-			below) is such a protocol.
+			A
+			<emphasis>directory service</emphasis>
+			is a solution which offers users access to the information
+			stored in the directory. A directory assistance (call center
+			agent) is a good real world example for such a service.
+			Within information technologies, such services are normally
+			provided by software components. Directory services provide
+			access to the content of a directory via a well-defined
+			interface. If a network is used, an appropriate protocol has
+			to be defined. LDAP (see below) is such a protocol.
 		</para>
 
 		<para>
@@ -76,7 +91,7 @@
 			describes directories and databases as complementary, not
 			competitive, solutions in his excellent article "Should I
 			Use a Directory, a Database, or Both?".
-			
+
 			<!-- TODO: Link -->
 		</para>
 
@@ -85,11 +100,142 @@
 	<section id="someBackground_ldap">
 		<title>LDAP – the Lightweight Directory Access Protocol</title>
 
+		<section>
+			<title>What is it? Some history.</title>
+
+			<para>
+				The comprehensive standard
+				<emphasis>X.500</emphasis>
+				, finalized in 1988, builds the foundation for many of
+				today's directory solutions. Within this standard, the
+				client accesses the server via the Directory Access
+				Protocol (
+				<emphasis>DAP</emphasis>
+				), which is OSI protocol stack based. With the Internet
+				boom in the nineties, the accessibility of directories
+				via TCP/IP became more and more important. Hence a
+				TCP/IP-based access method, which in functionality was a
+				subset of DAP, was standardized in 1993: the
+				<emphasis>
+					Lightweight Directory Access Protocol (LDAP)
+				</emphasis>
+				. First LDAP implementations were gateway solutions,
+				they mediated between LDAP clients and X.500 servers. In
+				1995 the University of Michigan presented the first
+				native LDAP server; in the meantime the work is
+				continued by the OpenLDAP project. 1996 Netscape
+				followed with the first commercial LDAP server (Netscape
+				Directory Server, foundation of several later LDAP
+				servers). Other examples (among many others) include
+				Microsoft Active Directory and Novell eDirectory. The
+				figure below shows the development of directory
+				protocols from X.500/DAP to LDAP.
+			</para>
+
+		</section>
+
+		<section>
+			<title>Information model primer</title>
+
+			<para>
+				Within the information model of LDAP, data is stored in
+				entries, which build up a hierarchical, tree like
+				structure. Each entry has a unique name (
+				<emphasis>DN, Distinguished Name</emphasis>
+				), which depicts its position within the tree. An entry
+				consists of key/value pairs, the
+				<emphasis>attributes</emphasis>
+				. Some attributes may occur more than once within an
+				entry (single or multi valued, e.g. a person can have
+				more than one telephone number). So called
+				<emphasis>object classes</emphasis>
+				define, which attributes an entry may have, and which of
+				them are required. The classes build up a hierarchy with
+				<emphasis>top</emphasis>
+				as root; there is a parallelism to the object oriented
+				world. top forces only the attribute objectclass, which
+				assigns an entry its object classes. A
+				<emphasis>schema</emphasis>
+				consists object classes and attribute types, and
+				therefore defines, what kind of entries can be stored
+				within the directory. Directory servers ship a schema
+				out-of-the-box, often with elements standardized by
+				RFCs. In addition, most directory solutions allow you to
+				define custom object classes and attributes. But in
+				practice, the pre-defined elements are used. Sometimes
+				they get extended according to special requirements.
+			</para>
+		</section>
+
+		<section>
+			<title>Common applications of LDAP based directories</title>
+
+			<para>
+				LDAP operations include entry creation, modification,
+				deletion and search. As a general rule, LDAP directories
+				are optimized for read and search operations, at the
+				cost of write performance. Data, which will be modified
+				often, therefore better suits in a relational database,
+				which offers better support for transactions and
+				referential integrity as well. Directories are rather
+				used if comparatively stable data has to be provided
+				centrally. Common examples are network resources
+				(printers, services) and user data (including
+				credentials and rights for the resources). As a notable
+				feature, many directory products offer replicas, which
+				permit better access times and higher availability
+				especially in geographically dispersed organizations.
+				Not for nothing, the most common LDAP application is the
+				enterprise phone book. That even Microsoft Outlook may
+				be an LDAP client in this case - most average users
+				probably don't know.
+			</para>
+		</section>
+
+		<section>
+			<title>
+				Examples of software components which support LDAP
+			</title>
+
+			<para>
+				Very different types of software products may act as
+				LDAP clients, consuming data for authentication,
+				authorization or data presentation etc.
+				<itemizedlist mark='bullet'>
+					<listitem>
+						<para>
+							E-Mail clients (e.g. Mozilla Thunderbird)
+						</para>
+					</listitem>
+					<listitem>
+						<para>
+							LDAP tools (e.g. Apache Directory Studio)
+						</para>
+					</listitem>
+					<listitem>
+						<para>
+							Web servers or application servers (e.g.
+							Apache Tomcat, Apache HTTP Server)
+						</para>
+					</listitem>
+					<listitem>
+						<para>Mail servers (e.g. Apache James)</para>
+					</listitem>
+					<listitem>
+						<para>...</para>
+					</listitem>
+				</itemizedlist>
+
+				Configuration details for several of these programs in
+				conjunction with ApacheDS are described in later
+				sections or special HowTos.
+			</para>
+		</section>
+
 	</section>
 
 	<section id="someBackground_ldapResources">
 		<title>LDAP resources</title>
-
 	</section>
 
 



Mime
View raw message