Your SlideShare is downloading. ×
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Directories for the REST of Us: REST to LDAP in OpenDJ 2.6

1,494
views

Published on

A Hands-On Workshop session with OpenDJ Product Manager Ludovic Poitou, and OpenDJ Architect Matt Swift.

A Hands-On Workshop session with OpenDJ Product Manager Ludovic Poitou, and OpenDJ Architect Matt Swift.

Published in: Technology

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,494
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
17
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. 2013 Open Stack Identity Summit - France Directories for the REST of us Ludovic Poitou - Product Manager Matthew Swift - Architect ForgeRock
  • 2. LDAP ? •  Good protocol •  Great products and services •  Main problem : Where are the developers ? •  LDAP or directory services at University ? •  Enjoy the Dev Kits ! •  Protocol from another era : ASN1, BER… (cc) http://www.flickr.com/photos/bloodlessr/
  • 3. DSMLv2 ? •  Heavyweight •  Too close to LDAP •  Few tools •  Incomplete
  • 4. So what else ? •  HTTP for transport •  JSON for data representation •  Loosely coupled •  Fueling the API economy ⇒ RESTfull APIs (cc) http://www.flickr.com/photos/iain/
  • 5. Introducing REST to LDAP •  /users •  /groups •  But also any object or collection can be configured •  /hosts •  /networks … •  All CRUD operations: •  Queries, with filters and returned attributes •  Put / Post / Delete / Patch… •  Directory specific operations: Modify password…
  • 6. GET /users/user.0 {! "_rev" : "000000003a46b19d",! "schemas" : [ "urn:scim:schemas:core:1.0" ],! "contactInformation" : {! "telephoneNumber" : "+1 685 622 6202",! "emailAddress" : "user.0@maildomain.net"! },! "_id" : "user.0",! "name" : {! "familyName" : "Amar",! "givenName" : "Aaccf"! },! "userName" : "user.0@maildomain.net",! "displayName" : "Aaccf Amar"! }!
  • 7. 2 Options •  In OpenDJ server •  Embedded •  Direct access to the data and services •  More secure •  As a standalone web application •  Gateway between HTTP and LDAP •  Works with any LDAP server •  Can be scaled like any other web application •  Network latency
  • 8. Embedded REST to LDAP •  Delivered part of OpenDJ 2.6 by default. •  Just needs to be enabled •  As well as http logs (for auditing and troubleshooting) •  Configuration as a json file •  LDAP based configuration is coming
  • 9. Demo
  • 10. REST to LDAP vs SCIM •  OpenDJ REST to LDAP is inspired by SCIM •  Filters •  Queries •  Identifiers •  Json representation •  SCIM is still a moving target •  SCIM is Identity centric vs REST to LDAP is generic •  SCIM support will be a strip down, hardwired configuration of REST to LDAP
  • 11. Take the ride to REST !
  • 12. 2013 Open Stack Identity Summit - France Q&A