Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Apache Directory and
the OSGi Service
Platform
Enrique Rodriguez, PMC MemberEnrique Rodriguez, PMC Member
Apache Software ...
About the SpeakerAbout the Speaker
•• 80's & early 90's VAX, Mac, and Unix network admin80's & early 90's VAX, Mac, and Un...
Windows 2003 Log OnWindows 2003 Log On –– Kerberos ProtocolKerberos Protocol
Windows SecurityWindows Security
Change Password ProtocolChange Password Protocol
Realm ControlRealm Control
workstation
Apache Directory
EXAMPLE.COM
1 NTPNTP
3 KerberosKerberos
4
5 LDAPLDAP
2 DNSDNS
Chan...
Problem StatementProblem Statement
•• Internal pressure (development environment)Internal pressure (development environmen...
Solution: OSGi Service PlatformSolution: OSGi Service Platform
•• Development environmentDevelopment environment
–– Commun...
Bundle BreakdownBundle Breakdown
•• Apache DirectoryApache Directory
–– Backing Store (JNDI InitialContextFactory)Backing ...
Apache Felix Installed BundlesApache Felix Installed Bundles
Dependency Resolution with Service BinderDependency Resolution with Service Binder
1
OSGiOSGi
Configuration AdminConfigura...
Service Binder MetadataService Binder Metadata
Configuration and ServingConfiguration and Serving
Backing Store
1
Config AdminConfig Admin
2
DNS FactoryDNS Factory DNS c...
DNS ConfigurationDNS Configuration
•• IP portIP port
–– 1005310053 ----> 53> 53
•• ““ActiveActive”” partitionspartitions
–...
Configuration Admin with LDAP and DNSConfiguration Admin with LDAP and DNS
What's Next?What's Next?
•• Apache DirectoryApache Directory
–– 1.0 Release by March 20061.0 Release by March 2006
–– Fine...
Thank you!Thank you!
•• ApacheCon US 2005 (December, San Diego, CA)ApacheCon US 2005 (December, San Diego, CA)
–– InIn--de...
Apache Directory and the OSGi Service Platform - Enrique Rodriguez, PMC Member, Apache Directory Project, Apache Software ...
Upcoming SlideShare
Loading in …5
×

Apache Directory and the OSGi Service Platform - Enrique Rodriguez, PMC Member, Apache Directory Project, Apache Software Foundation

1,097 views

Published on

OSGi World Congress 2005 - Developer Forum Day 1

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Apache Directory and the OSGi Service Platform - Enrique Rodriguez, PMC Member, Apache Directory Project, Apache Software Foundation

  1. 1. Apache Directory and the OSGi Service Platform Enrique Rodriguez, PMC MemberEnrique Rodriguez, PMC Member Apache Software FoundationApache Software Foundation
  2. 2. About the SpeakerAbout the Speaker •• 80's & early 90's VAX, Mac, and Unix network admin80's & early 90's VAX, Mac, and Unix network admin •• MidMid--90's MCS for Unix90's MCS for Unix--toto--NT migrationsNT migrations •• LateLate--90's Director of Global Systems for Fortune90's Director of Global Systems for Fortune 100, 6 continents, over 100 sites MS migrations100, 6 continents, over 100 sites MS migrations •• Summer 2004 Apache Kerberos, granted to ASFSummer 2004 Apache Kerberos, granted to ASF •• Apache Directory, PMC MemberApache Directory, PMC Member •• Apache Change Password, NTP, DNSApache Change Password, NTP, DNS •• Safehaus founder (Mobile phone OTP token)Safehaus founder (Mobile phone OTP token) •• OATH representative (HOTP)OATH representative (HOTP)
  3. 3. Windows 2003 Log OnWindows 2003 Log On –– Kerberos ProtocolKerberos Protocol
  4. 4. Windows SecurityWindows Security
  5. 5. Change Password ProtocolChange Password Protocol
  6. 6. Realm ControlRealm Control workstation Apache Directory EXAMPLE.COM 1 NTPNTP 3 KerberosKerberos 4 5 LDAPLDAP 2 DNSDNS ChangepwChangepw
  7. 7. Problem StatementProblem Statement •• Internal pressure (development environment)Internal pressure (development environment) –– Platforms: Linux, Mac, Windows ... and mobile phonesPlatforms: Linux, Mac, Windows ... and mobile phones –– Complexity: RFC's, multiComplexity: RFC's, multi--master replication, ACImaster replication, ACI –– Nature of openNature of open--source: time zones, work schedulessource: time zones, work schedules •• External pressure (interested parties)External pressure (interested parties) –– OSS community: permutationsOSS community: permutations –– Enterprise: robustness (long running services)Enterprise: robustness (long running services) –– Fortune 9,000,000: easeFortune 9,000,000: ease--ofof--useuse –– Vendors: extensibility (addVendors: extensibility (add--ons, embedding)ons, embedding)
  8. 8. Solution: OSGi Service PlatformSolution: OSGi Service Platform •• Development environmentDevelopment environment –– Community involvement (Apache HTTPD mod_*)Community involvement (Apache HTTPD mod_*) –– Jetty Bundle, JMX Bundles, choice of implementationJetty Bundle, JMX Bundles, choice of implementation –– Further out: mobile phones w/ Safehaus HausKeysFurther out: mobile phones w/ Safehaus HausKeys •• Demands from communityDemands from community –– LDAP Server or Kerberos Server or DNS ServerLDAP Server or Kerberos Server or DNS Server –– LDAP or JMX or Felix Console or Web UILDAP or JMX or Felix Console or Web UI –– Embeddable Directory or Realm ControllerEmbeddable Directory or Realm Controller –– HOTP/SAM plugins for KerberosHOTP/SAM plugins for Kerberos
  9. 9. Bundle BreakdownBundle Breakdown •• Apache DirectoryApache Directory –– Backing Store (JNDI InitialContextFactory)Backing Store (JNDI InitialContextFactory) –– NIO Networking Layer (MINA ServiceRegistry)NIO Networking Layer (MINA ServiceRegistry) –– 5 Protocol Providers (ManagedServiceFactory, MBean)5 Protocol Providers (ManagedServiceFactory, MBean) •• AdministrationAdministration –– Embedded web UI (HttpService)Embedded web UI (HttpService) –– JMX (MBeanServer)JMX (MBeanServer) –– Felix Commands ( 'load /path/to/LDIF' )Felix Commands ( 'load /path/to/LDIF' ) •• ConfigurationAdmin, Service BinderConfigurationAdmin, Service Binder
  10. 10. Apache Felix Installed BundlesApache Felix Installed Bundles
  11. 11. Dependency Resolution with Service BinderDependency Resolution with Service Binder 1 OSGiOSGi Configuration AdminConfiguration Admin 3Apache MINA (NIO)Apache MINA (NIO) ServiceRegistryServiceRegistry {requires}{requires} 2 4 5 ManagedServiceFactoryManagedServiceFactory Sun JNDISun JNDI InitialContextFactoryInitialContextFactory DnsManagedFactoryMBeanDnsManagedFactoryMBean DNS ProtocolDNS Protocol ProviderProvider {provides}{provides} {1..1}{1..1} {0..n}{0..n} {1..1}{1..1}
  12. 12. Service Binder MetadataService Binder Metadata
  13. 13. Configuration and ServingConfiguration and Serving Backing Store 1 Config AdminConfig Admin 2 DNS FactoryDNS Factory DNS configurationDNS configuration DNS zoneDNS zone ou=systemou=system dc=example,dc=example, dc=comdc=com 4 5 6 •• [1] JNDI EventDirContext[1] JNDI EventDirContext •• [2] OSGi ManagedServiceFactory[2] OSGi ManagedServiceFactory •• [3] Apache DNS Server[3] Apache DNS Server •• [4] MINA ServiceRegistry[4] MINA ServiceRegistry •• [5] JNDI DirContext[5] JNDI DirContext •• [6] MINA ServiceRegistry[6] MINA ServiceRegistry DNS ServerDNS Server 3
  14. 14. DNS ConfigurationDNS Configuration •• IP portIP port –– 1005310053 ----> 53> 53 •• ““ActiveActive”” partitionspartitions –– example.comexample.com ----> apache.org> apache.org •• Server instanceServer instance –– service.pid: org.apache.dns.1service.pid: org.apache.dns.1 •• IP address: 192.168.0.1, port: 53IP address: 192.168.0.1, port: 53 •• search base: dc=example,dc=comsearch base: dc=example,dc=com –– service.pid: org.apache.dns.2service.pid: org.apache.dns.2 •• IP address: 10.0.0.1, port: 53IP address: 10.0.0.1, port: 53 •• search base: dc=apache,dc=orgsearch base: dc=apache,dc=org
  15. 15. Configuration Admin with LDAP and DNSConfiguration Admin with LDAP and DNS
  16. 16. What's Next?What's Next? •• Apache DirectoryApache Directory –– 1.0 Release by March 20061.0 Release by March 2006 –– FinerFiner--granularity (core interceptors, Kerberos SAM)granularity (core interceptors, Kerberos SAM) •• Apache FelixApache Felix –– Configuration Admin (separate store, R4 update)Configuration Admin (separate store, R4 update) –– Prefs Admin, User Admin (typical LDAP data)Prefs Admin, User Admin (typical LDAP data) •• ApacheApache –– Critical mass of bundlesCritical mass of bundles –– OBR/Update siteOBR/Update site –– Cocoon, JAMES?, Geronimo?Cocoon, JAMES?, Geronimo?
  17. 17. Thank you!Thank you! •• ApacheCon US 2005 (December, San Diego, CA)ApacheCon US 2005 (December, San Diego, CA) –– InIn--depthdepth ““realm controlrealm control”” with Apache Directorywith Apache Directory •• Apache Directory ProjectApache Directory Project –– http://directory.apache.orghttp://directory.apache.org •• Apache Felix ProjectApache Felix Project –– http://incubator.apache.org/projects/felix.htmlhttp://incubator.apache.org/projects/felix.html •• Safehaus HausKeys, Mitosis, TripleSecSafehaus HausKeys, Mitosis, TripleSec –– http://hauskeys.safehaus.org/http://hauskeys.safehaus.org/ –– http://mitosis.safehaus.org/http://mitosis.safehaus.org/ –– http://triplesec.safehaus.org/http://triplesec.safehaus.org/

×