From: Emmanuel Lecharny
To: Apache Directory Developers List
Subject: Questionning some parts of the configuration
Date: Thu, 11 Jun 2009 19:10:05 +0200
Message-ID: <4A313A6D.3010100@nextury.com>

Hi guys,

as I'm trying to figure out a DiT based configuration for ADS, I'm now questioning some choices that have been made long ago. I think we can simplify the configuration a bit.

Let's start with some preliminary comments.

- the base for all the storage is a DirectoryService. This is the heart of our system.
- we have built a lot of servers on top of it, like Kerberos, DHCP, DNS, ChangePW and LDAP. Those servers rely on the DirectoryService
- we have one unique server, NTP, which is standalone (i.e. it does not need any DirectoryService).
- the Ldap server is a bit special, as it is not named LdapServer, as we would expect when we have a look at the other servers, but ApacheDS, and it points to 2 LdapService (which in turn associate a DirectoryService with a transport)
- a Transport is a protocol layer defining the host, port, protocol and some other network related parameters. Each server has at least one transport.

Ok, so far, we are lost now :)

I would suggest we clean up a bit all of this.

1) ApacheDS is a condensed name for ApacheDirectoryServer. It's a server. We will keep the two services (Ldap and Ldaps), even if we should treat them as transport, not service.
2) All the other servers (NTP, DHCP, Kerberos, DNS) are a combination of one or more transports and an optional DirectoryService, if needed.
3) We will define only one DirectoryService for LDAP. We may want 2 DirectoryServices, one for LDAP and another one for LDAPS. But this is not what we have in ApacheDS atm (looking at the code, the DirectoryService is defined 3 times: in ApacheDS and in both LdapService).
4) The consequence is that some flags like AllowAnonymousAccess are now useless in ApacheDS, as they are already present in the LdapService instances.
5) The SyncOnWrite flag is defined in a Service class, instantiated in ApacheDS. That's most certainly not what we want, as it defines a worker thread in charge of calling directoryService.synch() periodically. This thread is specific to ApacheDS, and won't be available to someone who wants to use a DirectoryService as a server backend. I suggest we move the Worker to DirectoryService.

That's pretty much it. Just tell me if you agree, or disagree, before I commit anything.

Thanks!

--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org