directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Arnaud Marcelot>
Subject Re: Example of layer 7 protocol proxy
Date Thu, 08 Jul 2010 12:45:25 GMT
Hi Peter,

On 8 juil. 2010, at 14:15, Peter Popov wrote:

> Thanks Emmanuel, I did, and there's even an LDAP proxy project going on in
> there as we speak, but it's not complete yet and being that it's part of the
> Google Summer of Code competition, I'm not sure I can either reuse it or
> contribute to it. I did look into it for tips though but they hadn't gotten
> to the proxying part last time I checked. It is actually that part that
> bothers me.

I'm the mentor of this project with Keheliya Gallaba as student.
Basically, I prepared him the canvas for writing the LDAP Proxy.
Reusing already existing bits of code from the network layer of ApacheDS, I was able to create
what I call an LDAP Network Server, which listens to incoming connections and requests.
Keheliya is currently trying to fill in the blanks I left for him in the code, in order to
handle the communication to the targeted remote server.
Currently only the bind and unbind requests are working. More requests will in the next days...

Here's the URL of the project, just in case:

FYI, I also wrote (a long time now) a parser/writer for DSMLv2 at the Apache Directory Project.
It is used in the project I'm working on there, Apache Directory Studio.
Here's the link to that parser/writer:
As I've seen in your first mail that you wanted to transform LDAP requests to DSML, I thought
you might be interested in.

Hope this helps,

PS: I've added Keheliya and the Apache Directory Dev list to the loop in my reply.

> I have an acceptor with a filter chain and event handlers, and I instantiate
> a connector once an acceptor has a session going, hoping that in
> handleMessage() I could just broadcast() to the connector. However I have to
> do the same for responses, only in the opposite direction (from connector to
> acceptor). I also have to maintain some kind of session table to match each
> acceptor IoSession to the appropriate connector one. The logic gets
> convoluted quite quickly and I'm already in deep spaghetti trying to handle
> all those cases (and nowhere close to *actually* handling them). It gets
> even tricker because both the acceptor and connector have to demux as well
> as mux. In short, I am quite utterly lost. Perhaps I should use an
> LdapConnection from Apache DS instead of a NioSocketConnector? I won't be
> able to take the broadcast() shortcut and would have to handle every single
> message type separately, but maybe it would still make my life easier
> overall?
> As a side note, does broadcast() bypass the message dispatch mechanism? If I
> broadcast() a message, it's not going to end up in the message handlers,
> right?
> Thanks,
> Peter
> On Thu, Jul 8, 2010 at 3:03 PM, Emmanuel Lecharny <>wrote:
>> On 7/8/10 12:17 PM, Peter Popov wrote:
>>> Hi all,
>>> I need to log all requests that pass through a proxy but the protocol is
>>> binary (LDAP) so I can't just dump the bytestream as in the sample
>>> provided
>>> in the documentation. Besides, I want to be able to replay it later so I
>>> need to transform it to a standard form (DSMLv2 in this case). Can someone
>>> point to an example of a higher level protocol proxy that also does some
>>> basic message processing? It doesn't need to be a complete implementation,
>>> just enough to get me started as I've been running around in circles for a
>>> week now.
>> Go check Apache Directory Server project. It's based on MINA and
>> encode/decode LDAP protocol.
>> In fact, MINA was initially developed for Directory :)
>> --
>> Regards,
>> Cordialement,
>> Emmanuel L├ęcharny

View raw message