directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Alderson <>
Subject RE: Initial Draft for gsoc proxy plugin project
Date Thu, 26 Mar 2009 12:00:22 GMT
Hi Rahul,

I know that personally I would like to see a standalone service (non-gui) to start with that
would act as an intermediate LDAP server, passing all requests on to a target LDAP server.
 This could be configured to do various tasks like dump the requests and responses to an LDIF
file, load balance.. etc.  I don't know if the proxy you describe would work at that level.

Thinking about it further perhaps this would just involve writing a new pass-through partition
(backend) for ApacheDS (I think this has been talked about in the past).  This partition would
send a request on to another target LDAP server instead of using it against a local database.

Once we have that a Studio plug-in could be written to show the output of the journal or changelog
interceptors that I think Emmanuel's been working on.  In addition or instead of that we could
write an extra "debug" ApacheDS interceptor to allow Studio to intercept a request and decide
what to do with it in real time (i.e. cancel or continue with an optional modification).

This seems to me to be a more flexible and useful direction to take rather than just writing
another standalone tool.  I think it also helps to have the project broken into mostly independent
chunks like this.

How does that sound?


-----Original Message-----
From: rahul.soa [] 
Sent: Wednesday 25 March 2009 23:26
To: Apache Directory Developers List
Subject: Initial Draft for gsoc proxy plugin project

Hello Devs,

I have written an initial draft for gsoc "LDAP proxy plugin" project.
Can you please suggest about the modifications (what should be added or should be removed
from it)?

// quote

Title/Summary: LDAP Proxy Plug-in


To develop an eclipse plug-in for exposing and storing the exchanged messages between the
LDAP server and client for debugging/diagnosing purpose. This plug-in will be encapsulated
in Apache Studio.

Detailed Description:

In order to expose message exchange (request/response - such as bind, search, add entry, delete
entry, modify entry etc.)  between the Directory Server (LDAP Server) and client (Apache Studio),
there is a need of proxy tool (initially a debugger tool) which will allow us to analyze the
exchanged decoded messages. Furthermore, this proxy should allow us to store the messages
in xml format to generate tests based on those recorded requests/responses messages.

This proxy will be integrated in the Apache Studio as an eclipse plug-in and will provide
the debugging facility "on demand". This proxy plug-in will be able to work with any kind
of LDAP server. The basic idea is to extract the exchanged PDU (Protocol Data Unit) and to
present them with their decoded values. This will enable us to explore the system to understand
how it works by tracing down the request and response and to see what messages we send to
and receive from the LDAP server.

The future work could be to extend this debugging/diagnostic tool to a real proxy by implementing
some additional new features like integrating a LDAP smart load balancer or switch (smartly
distribute the connection and search requests based on the namingContext across replica and
by taking advantage of already populated cache respectively), failover mechanism (to improve
the availability) and security features (filtering mechanism and logging utilities etc).


1. To develop proxy plug-in for Apache Directory Studio with the following features:

   -> To expose the decoded exchanged messages in UI
   -> To store the messages in the xml file
   -> To generate the tests based on the stored messages

2. Testing with LDAP Server and Apache Studio 3. Documentation 4. Future work indication


Any suggestion will be appreciable.

Many Thanks.

Best Regards,

View raw message