Directories for the REST of Us: REST to LDAP in OpenDJ 2.6

1,725 views

Published on

Presented by Ludovic Poitou, OpenDJ Product Manager, ForgeRock and Matt Swift, OpenDJ Architect at ForgeRock Open Identity Stack Summit, June 2013

Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/

Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,725
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
34
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Directories for the REST of Us: REST to LDAP in OpenDJ 2.6

  1. 1. Open Identity SummitDirectories for theREST of usLudovic PoitouProduct ManagerMatthew SwiftArchitectForgeRock
  2. 2. Open Identity SummitLDAP ?!  Good protocol!  Great products and services!  Main problem : Where are thedevelopers ?!  No one learns LDAP ordirectory services atUniversity!  Poor and complex clientdevelopment kits!  Protocol from another era :ASN1, BER…(cc) http://www.flickr.com/photos/bloodlessr/
  3. 3. Open Identity SummitDSMLv2 ?!  Heavyweight!  Too close to LDAP!  Few tools!  Incomplete
  4. 4. Open Identity SummitSo what else ?!  HTTP for transport!  JSON for data representation!  Loosely coupled!  Fueling the API economy⇒ RESTfull APIs(cc) http://www.flickr.com/photos/iain/
  5. 5. Open Identity SummitIntroducing REST to LDAP!  /users!  /groups!  But also any object or collection can be configured!  /hosts!  /networks …!  All CRUD operations:!  Queries, with filters and returned attributes!  Put / Post / Delete / Patch…!  Directory specific operations: Modify password…
  6. 6. Open Identity SummitGET /users/user.0{!"_rev" : "000000003a46b19d",!"schemas" : [ "urn:scim:schemas:core:1.0" ],!"contactInformation" : {!"telephoneNumber" : "+1 685 622 6202",!"emailAddress" : "user.0@maildomain.net"!},!"_id" : "user.0",!"name" : {!"familyName" : "Amar",!"givenName" : "Aaccf"!},!"userName" : "user.0@maildomain.net",!"displayName" : "Aaccf Amar"!}!
  7. 7. Open Identity Summit2 Options!  In OpenDJ server!  Embedded!  Direct access to the data and services!  More secure!  As a standalone web application!  Gateway between HTTP and LDAP!  Works with any LDAP server!  Can be scaled like any other web application!  Network latency
  8. 8. Open Identity SummitEmbedded REST to LDAP!  Delivered part of OpenDJ 2.6 by default.!  Just needs to be enabled!  As well as http logs (for auditing and troubleshooting)!  Configuration as a json file!  LDAP based configuration is coming
  9. 9. Open Identity SummitDemo
  10. 10. Open Identity SummitREST to LDAP vs SCIM!  OpenDJ REST to LDAP is inspired by SCIM!  Filters!  Queries!  Identifiers!  Json representation!  SCIM is still a moving target!  SCIM is Identity centric vs REST to LDAP is generic!  SCIM support will be a strip down, hardwired configurationof REST to LDAP
  11. 11. Open Identity SummitTake the ride to REST !
  12. 12. Q & ALogo of PresenterCompany HERE

×