2 Replies Latest reply on May 17, 2003 10:45 AM by Alex Karasulu

    LDAP Integration

    Alex Karasulu Newbie

      Recently with WLS 7.0 an integrated LDAPv2 server appeared to hold the configuration of individual servers and clusters. Seems like BEA wants to use LDAP and LDAP replication to store, and make highly available configurations for individual servers and cluster nodes. After hearing about this I thought I'd begin work on an LDAPv3 compliant server engineered for the sake of integration into Tomcat and JBoss. The project is called LDAPd and was started last year in October.

      Our goals are simple, provide a FREE, fast, easy to use, embeddable, LDAPv3 compliant server for the OpenSource community. We would like to see JBoss and Tomcat eventually overtake BEA and IBM. When we first saw BEA adopt (copy we mean) the MBean based component architecture first introduced in JBoss we were outraged. BEA we feel has made a smart choice. When orchestrating many components in a distributed system directories become a cornerstone technology. We would like to see JBoss benefit in the same fashion with LDAPd integration.

      Anyway LDAPd was built with a server-side JNDI provider to facilitate integration into another server - making the entire server into an MBean is trivial also. Through the JNDI mechanism the IP stack can be bypassed when the client is local (in the same process space) to LDAPd. By no means are we finished but we are usable and ready to discuss integration. Below are the links to it and the homepage.


      We would like to start discussing integration and how we can best facilitate it.

      Alex Karasulu

        • 1. Re: LDAP Integration
          Adrian Brock Master

          How does this work?

          Is it like netboot where the entire server is loading
          from remote configuration?

          Or is it like MBean persistence where the MBean
          configuration attributes are read from a persistent
          store during bootup which overrides the local


          • 2. Re: LDAP Integration
            Alex Karasulu Newbie

            Sorry about the belated response had some sort of problem with my account here so I just created a new one.

            In response to how does it work:

            Well integration does not mean that the data is remote although that could be a possibility. You can just use the normal LDAP JNDI provider to get to any ldap server and snarf down your configuration.

            However the embedding API nicely is just another server side JNDI provider that bypasses the IP stack to talk straight to any backends on the embedded LDAPd server.

            There are two conduits to operating against the directory. First is through the wire protocol where the server's front end machinery reads LDAPv3 protocol messages and applies them against the respective backends. Second is through the server-side JNDI provider which is similar to the concept of getting a database connection when your on the server in a stored procedure for example when using the Oracle server-side JDBC driver. Actually we expect to use the JNDI provider to enable stored procs to affect the backend via JNDI. It makes sense no?

            We're still working on some concepts though. We currently let the JNDI provider when invoked outside of the first pathway (not within a sp) to run under admin privledges. We need to think about this abit.

            In the solid state after the server has been started as an embedded instance the INITIAL_CONTEXT_FACTORY along with other environment parameters are set and the InitialContext is gotten. Pretty standard I think. Then you can go to town on the data within the backends navigating the tree using JNDI as if it were a remote server without the network latency or traffic.

            Now the big challenge is in the initialization phase and we do not have a solution for this at the moment. My primary reason for contacting the JBoss group was to figure out the best way we can accomplish this since it is very specific to the server you're embedding ldapd into. Right now we can start up the server by using a Kernel object which bootstraps it so to speak. But I think this needs to be wrapped around something else to make it fit nicely into a JBoss or a Tomcat.

            Any ideas?

            Have fun and BU,