Introduce LDAP

张海鹏 2008-07-25

SOA

• Mult - Little system• User Manager System (share between other

systems)• How to store user Information• How to access user Information

The role of Directory in SOA???

Lightweight Directory Access Protocol

• X.500 : series standards for Directory

Directory Service

• 人名地址录• 电话号码薄• 目录• 区号目录

• 读频繁，改动少• 简单• 有层次

Directory vs relation Database

• May No transactions• Hierarchical,Tree,Ob

ject• objectClass• objectClass are

standardized.

• Must transactions• Relation• Table• Table are

customized,special

DIT

Entry (node in tree)

So..

Directory Stucture

• A directory is a tree of directory entries• An entry consiss of a set of attributes• An attribute has a name and one or

more values. • Each entry has a unique identifier: its

Distinguished Name.

Schema

• object Class (Table)• Attribute (Field)• Rule• Syntax (Type)

The object Class can be inherited

Shcema – Object identify(OID)

• Attributes and objectClasses are standardized throughout the industry and formally registered with the IANA for their object ID.

• IANA (Internet Assigned Numbers Authority)

• How custom Schema???

Common Object Class

X.500 series standards

X.509

Product

• Oracle Internet Directory• Red Hat Directory Server• Sun Java System Directory Server• Apache Directory Server• Active Directory• IBM Tivoli Directory Server• eDirecotry

LDAP

• Lightweight Directory Access Protocal

• Lightweight Directory Brower Protocal

Operations

• Bind• Start TLS• Search• Compare• Extended Operation

• Add• Delete• Modify• Abandon• Unbind

Search other Operation

• Base DN• Scope• Filter

• New Entry• Modify Entry• Delete Entry

LDIF

• LDAP Data Interchange Format

dn: cn=John Doe,dc=example,dc=com cn: John Doe givenName: John sn: Doe telephoneNumber: +1 888 555 6789 telephoneNumber: +1 888 555 1232 mail: john@example.com manager: cn=Barbara Doe,dc=example,dc=com objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person objectClass: top

LDAP common Use

Thanks!

Good night!