• Home

  • Documents

  • LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH
30
LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL • PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

Tags:

Embed Size (px)

Citation preview

Page 1: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAPLIGHT WEIGHT DIRECTORY

ACCESS PROTOCOL• PRESENTATION BY ALAKESH

APURVA DHAN AND ASH

Page 2: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

WHAT IS LDAP

• LDAP IS LIGHT WEIGHT • SUFFICIENT STRAIGHT FORWARD • EASY TO IMPLEMENT AS AGAINST

X.500 DAP WHICH IS HEAVY WEIGHT

Page 3: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP

• DIRECTORY BECAUSE DATA IS ORGANISED IN THE FORM OF TREE MUCH LIKE UNIX FILE SYSTEM

• USES SIMPLIFIED SET OF ENCODING

• RUNS DIRECTLY ABOVE TCP/IP• USES STRING TO REPRESENT DATA

Page 4: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP

• LDAP SECURITY MODEL : DEFINES HOW INFORMATION CAN BE PROTECTED FROM UNAUTHORISED ACCESS

Page 5: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP

• LDAP API • THERE ARE SEVERAL LDAP API

APPLICATION PROGRAMMING INTERFACE OLDEST ONES WRITTEN IN C

• NOW A DAYS LDAP API S ARE AVAILABLE IN OTHER PROGRAMMING LANGUAGES LIKE PERL JAVA

Page 6: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

HOW LDAP WORKS

• LDAP DIRECTORY SERVICE IS BASED ON CLIENT SERVER MODEL

• LDAP IS A MESSAGE ORIENTED PROTOCOL

• CLIENT CONSTRUCTS AN LDAP MESSAGE CONTAINING A REQUEST AND SENDS IT TO THE SERVER

Page 7: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

HOW LDAP WORKS

• SERVER PROCESSES THE REQUEST AND SENDS IT BACK TO THE CLIENT IN THE FORM OF LDAP MESSAGE

Page 8: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP BACKENDS

• THE BASIC DAEMON PROCESS THAT RUNS ON THE LDAP SERVER CALLED SLAPD COMES WITH THREE DIFFERENT BACKEND DATABASES

• WE ASSUME THAT IN OUR CASE WE USE LDBM THE MOST USED ONE

Page 9: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

HOW LDAP WORKS

• LDAP DATABASE WORKS BY ADDING A COMPACT FOUR BYTE UNIQUE IDENTIFIER

• INDEX FILES ARE MAINTAINED FOR REFERRING TO DATA

Page 10: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP PROTOCOL OPERATION

• INTERROGATION OPERATION : SEARCH , COMPARE

• ADD DELETE OPERATOIN : ADD , DELETE , MODIFY , MODIFY DN

• AUTHENTICATION AND CONTROL OPERATION : BIND , UNBIND , ABANDON

Page 11: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP INFORMATION MODEL

• BASIC UNIT IS ENTRY ( A COLLECTION OF INFORMATION ABOUT AN OBJECT )

• AN ENTRY IS COMPOSED OF A SET OF ATTRIIBUTES

Page 12: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDIF

• LDIF STANDS FOR LDAP DATA INTERCHANGE FORMAT

• DIRECTORY ENTRIES IN LDAP ARE IN THE FORM OF LDIF

Page 13: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDIF FORMAT

• BASIC FORM OF LDIF : #COMMENT DN: <DISTINGUSHED NAME> <ATTRDESC>: <ATTRVALUE> <ATTRDESC>: <ATTRVALUE> …..

• EXAMPLE : DN: UID=ALAKESH DC=IIT DC=EDU

Page 14: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP

• IN ADDITION TO BEING A NETWORK PROTOCOL IT ALSO DEFINES FOUR MODELS

• LDAP INFORMATION MODEL : DEFINES THE KIND OF DATA U PUT

• LDAP NAMING MODEL : HOW U ORGANISE AND REFER TO DIRECTORY INFORMATION

Page 15: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDIF FORMAT

• LINES STARTING WITH # ARE CONSIDERED TO BE COMMENTS

• ALL OTHER ATTRIBUTES ARE WRITTEN IN <ATTRDESC > = <VALUE> FORM

Page 16: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDIF

• EACH ENTRY IS UNIQUELY IDENTIFIED BY A DISTINIGUISHED NAME OR DN . THE DN CONSISTS OF THE NAME OF THE ENTRY PLUS A PATH IN THE DIRECTORY TREE TRACING BACK TO THE TOP OF THE DIRECTORY HIERARCHY

• THE OBJECT CLASS DEFINES THE CLASS OF THE ATTRIBUTES THAT CAN BE USED TO DEFINE AN ENTRY

Page 17: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDIF

• DIRECTORY DATA IS REPRESENTED AS ATTRIBUTE-VALUE PAIR . ANY SPECIFIC PIECE OF INFORMATION IS ASSOSICATED WITH A DESCRIPTIVE ATTRIBUTE

Page 18: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP CONFIGURATION

• THE CONFIGURATION FILE SLAPD.OC.CONF CONTAINS THE DEFINITION OF ALL THE OBJECT CLASSES

• THE ATTRIBUTES OF THE OBJECT CLASSES ARE DEFINED IN SLAPD.AT.CONF FILE

Page 19: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP CONFIGURATION

• EACH OBJECT CLASS HAS REQUIRED AND ALLOWED ATTRIBUTE

• REQUIRED ATTRIBUTES MUST BE PRESENT WHILE ALLOWED ARE OPTIONAL

Page 20: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP CONFIGURATION

• EACH ATTRIBUTE HAS CORRESPONDING SYNTAX DEFINITION

Page 21: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP ACCESS CONTROL

• ACCESS TO <WHAT> [ BY <WHO> <ACCESS LEVEL> <CONTROL> ]

• THIS DIRECTIVE GRANTS ACCESS TO A SET OF ENTRIES/ATTRIBUTES BY ONE OR MORE REQUESTERS

• EXAMPLE : ACCESS TO * BY * READ

Page 22: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP ACCESS CONTROL

• THE ABOVE DIRECTIVE GIVES READ PERMISSION TO EVERYONE

• FOR EXAMPLE ACCESS TO DN=“ . * , C=INDIA” BY * SEARCH GIVES SEARCHING PERMS TO ENTRIES UNDER C=INDIA SUBTREE

Page 23: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAPADD

• OPENLDAP PACKAGE COMES WITH SHELL EXECUTABLE NAMED LDAPADD USED TO ADD ENTRIES TO THE DATABASE WHILE LDAP SERVER IS RUNNING

• BASIC SYNTAX IS LDAPADD -F <DATAFILE> -D

<DN> -w <PASSWD> / -W ( IF PASSWORD IS TO BE PROMPTED .

Page 24: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAPDELETE

• ANOTHER SHELL EXECUTABLE FOR DELETING ENTRIES

• ITS SYNTAX IS LDAPDELETE

‘CN=HI,O=IITB,C=INDIA’

Page 25: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAPMODIFY

• ITS ANOTHER SHELL EXECUTABLE TO MODIFY DATA IN THE DIRECTORY DATABASE

• IT HAS SIMILAR SYNTAX TO LDAPADD

Page 26: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAPSEARCH

• SHELL ACCESSIBLE INTERFACE TO LDAP_SEARCH() C ROUTINE

• LDAPSEARCH OPENS CONNECTION TO THE LDAPSERVER PERFORMS SEARCH WHICH FOLLOWS FILTERING RULES DEFINED IN RFC1558

Page 27: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAPSEARCH

• FOR EXAMPLE LDAPSEARCH -B “C=INDIA”

“O=IITB” IF * IS ALLOWED READ ACCESS BY DEFAULT THE O=IITB WILL BE RETURNED

• -B OPTION SEARCHES FOR THE SEARCH BASE

Page 28: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

LDAP AND JAVA CONNECTIVITY

• THERE EXISTS A PACKAGE CALLED JNDI ( JAVA NAMING AND DIRECTORY INTERFACE )

• IT CONTAINS API S NEEDED TO CONNECT LDAP SERVER RETRIEVE INFORMATION

Page 29: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

JNDI EXAMPLE

• A typical code WRITTEN USING JNDI TO DO LDAP SEARCH • will be like this …..

• import java.util.Hashable ;• import java.util.Enumeration ;• import javax.naming.* ; • import javax.naming.directory.* ;

• class Search {• public static void main(String[] args){• Hashtable env = new Hashtable(5 , 0.75f) ; • env.put(Context.INITIAL_CONTEXT_FACTORY,Env.INITCTX) ; • env.put(Context.PROVIDER_URL , Env.MY_SERVICE ) ; • ……………………….

Page 30: LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH

• Most ldap servers are optimized for read-intensive operations.Thus, one can see an order of magnitude difference when reading data from an ldap directory versus obtaining the same data from a relational database server optimized for OLTP.

• Because of this optimization , however , most LDAP directories are not suited for storing data where changes are frequent.

Why Ldap?


Apurva Shah_Resume Link

Apurva Shah_Resume Link

Documents
Pradhan Mantri VAN DHAN Yojana (PMVDY) · Pradhan Mantri Van Dhan Yojana “Van Dhan, Jan Dhan and Govardhan would be the basis for transforming the rural and tribal economy in the

Pradhan Mantri VAN DHAN Yojana (PMVDY) · Pradhan Mantri Van Dhan Yojana “Van Dhan, Jan Dhan and Govardhan would be the basis for transforming the rural and tribal economy in the

Documents
Apurva Project 1

Apurva Project 1

Documents
Sahbhagi Dhan (BRRI 56/Sukha Dhan 3)

Sahbhagi Dhan (BRRI 56/Sukha Dhan 3)

Documents
Dhan Suraksha

Dhan Suraksha

Documents
The digital-evolution-in-marketing-apurva chamaria

The digital-evolution-in-marketing-apurva chamaria

Business
Apurva Shah - Baking Fur Occlusion

Apurva Shah - Baking Fur Occlusion

Documents
Apurva Elite Brochure : Call Venkat : +919916229967

Apurva Elite Brochure : Call Venkat : +919916229967

Real Estate
apurva kochargaonkar- design portfolio

apurva kochargaonkar- design portfolio

Documents
Live Project -dhan laxmi

Live Project -dhan laxmi

Documents
dhan sewadhansewaltd.com/form/pdf/dhan-sewa-Index-Format.pdf · Title: dhan sewa.cdr Author: subhash Created Date: 1/16/2019 6:37:22 PM

dhan sewadhansewaltd.com/form/pdf/dhan-sewa-Index-Format.pdf · Title: dhan sewa.cdr Author: subhash Created Date: 1/16/2019 6:37:22 PM

Documents
DHX91 DHAN-S Module

DHX91 DHAN-S Module

Documents
Pradhanmantri Jan Dhan Yojna

Pradhanmantri Jan Dhan Yojna

Documents
development july 2012 - DHAN

development july 2012 - DHAN

Documents
Jan dhan yojana - 2014

Jan dhan yojana - 2014

Education
Apurva chintamani | Sahastra siracheeda | Telugu novels

Apurva chintamani | Sahastra siracheeda | Telugu novels

Documents
The Book of Alakesh

The Book of Alakesh

Documents
Resilience Matters - DHAN

Resilience Matters - DHAN

Documents
Jan Dhan Yojna

Jan Dhan Yojna

Documents
Dhan Cliff

Dhan Cliff

Documents
Pmjdy- jan dhan yojana

Pmjdy- jan dhan yojana

Economy & Finance
Apurva Khedagi

Apurva Khedagi

Documents
Apurva colorimeter

Apurva colorimeter

Documents
development august 2012 - DHAN

development august 2012 - DHAN

Documents
MICRO INSURANCE EXPERIENCES OF DHAN … INSURANCE EXPERIENCES OF DHAN FOUNDATION GAYATHRI SAKTHIRAJAN CEO, PEOPLE MUTUALS About DHAN Foundation DHAN • Development of Humane ActioN

MICRO INSURANCE EXPERIENCES OF DHAN … INSURANCE EXPERIENCES OF DHAN FOUNDATION GAYATHRI SAKTHIRAJAN CEO, PEOPLE MUTUALS About DHAN Foundation DHAN • Development of Humane ActioN

Documents
Apurva Water Management Systems Gujarat,India

Apurva Water Management Systems Gujarat,India

Design
Rama Dhan

Rama Dhan

Documents
Learning Journey DHAN Foundation - Impact … Dhan...Learning Journey DHAN Foundation Evolving Climatic Adaptation through Crop Insurance This Learning Journey was created with contributions

Learning Journey DHAN Foundation - Impact … Dhan...Learning Journey DHAN Foundation Evolving Climatic Adaptation through Crop Insurance This Learning Journey was created with contributions

Documents
Social Selling: Masterclass by Apurva Chamaria

Social Selling: Masterclass by Apurva Chamaria

Marketing
DHAN Foundation Giving back to the Society DHAN Foundation Development of Humane Action

DHAN Foundation Giving back to the Society DHAN Foundation Development of Humane Action

Documents