directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <aok...@bellsouth.net>
Subject Re: Virtual Directory (or LDAP Proxy)
Date Mon, 07 Feb 2005 06:30:21 GMT
Adison Wongkar wrote:

> Hi everyone,
>  
> I just joined this mailing list. I'm Adison Wongkar from Verge 
> Archemedia in Austin, TX. Me and a co-worker from the same company 
> (Endi Dewata) has been working on a Virtual Directory piece of 
> software. Currently we have developed it as a backend to OpenLDAP 
> (writing back-java on our own). We have an interest to see if we could 
> integrate our java code into the ApacheDS project. Perhaps as a 
> backend to ApacheDS. I want to see if there's any interest from you 
> all in having a virtual directory module for ApacheDS.

Absolutely this is a very exciting niche in directory services. 

We were considering LDAP Views (analogous to SQL views in RDBMs world) 
for doing just this.  The view is essentially the fundamental mechanism 
for enabling a directory as a virtual directory.  Obviously the view is 
a hook into a complex subsystem of the directory server: the virtual 
directory part.  The server detects a request and delegates that request 
based on some subtree specification (see here in section 2.1 
http://www.rfc-archive.org/getrfc.php?rfc=3672) to this subsystem.  The 
subsystem can do what it wants to compose and return the response.  This 
includes any combination of the operations below and more ...

o assemble one or more entries into a super entry
o transform while assembling
o remap attributes between two schemas
o pull data from disparate (non jndi/ldap) resources to assemble the entry
o ...

This list really is just limited by our imagination isn't it :)?  Also 
note that the interceptor subsystem of the server comes in very handy 
here.  It can be used to trap a request, analyze it to see if it falls 
into a subtree that is associated with a virtual area and delegate the 
response to the virtual directory subsystem.  This is really cool stuff 
- probably because its slick and not so easy to do - challenging.

I think you'll find many people that would be interested in pursuing 
this with you.  I'm very interested myself so count me in.  Another 
fellow named Mark Swanson is also interested in this for his schedule 
world application and his calendar server here:

http://scheduleworld.com

Also if you would like, you're welcome to work on a draft spec for 
formalizing LDAP views.  I've started work on a draft for submission to 
the ietf to try to standardize views within LDAP.  If we implement this 
then virtual directories can be specified very easily.

> Btw, I just checked out and played with the ApacheDS. Great work! Just 
> by looking at the website, I got the impression that the project has 
> just started. But when I played and looked at the code, I am quite 
> thrilled.

That's really nice to hear.  We've been doing this for the past 30 or so 
months. However we've only been in the Apache Incubator for 16 months. 

Cheers,
Alex


Mime
View raw message