• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
 

Directories for the REST of Us: REST to LDAP in OpenDJ 2.6

on

  • 1,131 views

A Hands-On Workshop session with OpenDJ Product Manager Ludovic Poitou, and OpenDJ Architect Matt Swift.

A Hands-On Workshop session with OpenDJ Product Manager Ludovic Poitou, and OpenDJ Architect Matt Swift.

Statistics

Views

Total Views
1,131
Views on SlideShare
850
Embed Views
281

Actions

Likes
0
Downloads
12
Comments
0

3 Embeds 281

http://www.scoop.it 272
https://twitter.com 8
http://www.google.co.jp 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Directories for the REST of Us: REST to LDAP in OpenDJ 2.6 Directories for the REST of Us: REST to LDAP in OpenDJ 2.6 Presentation Transcript

    • 2013 Open Stack Identity Summit - France Directories for the REST of us Ludovic Poitou - Product Manager Matthew Swift - Architect ForgeRock
    • LDAP ? •  Good protocol •  Great products and services •  Main problem : Where are the developers ? •  LDAP or directory services at University ? •  Enjoy the Dev Kits ! •  Protocol from another era : ASN1, BER… (cc) http://www.flickr.com/photos/bloodlessr/
    • DSMLv2 ? •  Heavyweight •  Too close to LDAP •  Few tools •  Incomplete
    • So what else ? •  HTTP for transport •  JSON for data representation •  Loosely coupled •  Fueling the API economy ⇒ RESTfull APIs (cc) http://www.flickr.com/photos/iain/
    • Introducing REST to LDAP •  /users •  /groups •  But also any object or collection can be configured •  /hosts •  /networks … •  All CRUD operations: •  Queries, with filters and returned attributes •  Put / Post / Delete / Patch… •  Directory specific operations: Modify password…
    • GET /users/user.0 {! "_rev" : "000000003a46b19d",! "schemas" : [ "urn:scim:schemas:core:1.0" ],! "contactInformation" : {! "telephoneNumber" : "+1 685 622 6202",! "emailAddress" : "user.0@maildomain.net"! },! "_id" : "user.0",! "name" : {! "familyName" : "Amar",! "givenName" : "Aaccf"! },! "userName" : "user.0@maildomain.net",! "displayName" : "Aaccf Amar"! }!
    • 2 Options •  In OpenDJ server •  Embedded •  Direct access to the data and services •  More secure •  As a standalone web application •  Gateway between HTTP and LDAP •  Works with any LDAP server •  Can be scaled like any other web application •  Network latency
    • Embedded REST to LDAP •  Delivered part of OpenDJ 2.6 by default. •  Just needs to be enabled •  As well as http logs (for auditing and troubleshooting) •  Configuration as a json file •  LDAP based configuration is coming
    • Demo
    • REST to LDAP vs SCIM •  OpenDJ REST to LDAP is inspired by SCIM •  Filters •  Queries •  Identifiers •  Json representation •  SCIM is still a moving target •  SCIM is Identity centric vs REST to LDAP is generic •  SCIM support will be a strip down, hardwired configuration of REST to LDAP
    • Take the ride to REST !
    • 2013 Open Stack Identity Summit - France Q&A