Title: Naming
1Naming Directory Service
- Database lab, Dept. of CS, KAIST
- mylim_at_dbserver.kaist.ac.kr
2Contents
- E-commerce system
- Directory service
- Lightweight Directory Access Protocol(LDAP)
- Java Naming and Directory Interface(JNDI)
- Java 2 Platform, Enterprise Edition
3Architecture
E-commerce system
4Architecture
E-commerce system
5Architecture
E-commerce system
Source: Tmax Soft
6Concept
Directory service
- Directory
- Specialized database that stores information about objects
- List information about printers
- Allow user or application to find resources that have the characteristics needed for a task
- Find a server that can access customer billing information
- White and yellow pages
7Comparison with database
Directory service
- Optimized for read access
- High volumes of Read and Search requests
- Rare update requests
- No transaction
- Anomalies are considered acceptable
- The way information can be accessed
- LDAP URL
8Roles
Directory service
- Vital part of the infrastructure
- Provide a single logical view of the users, resources, and other objects that make up a distributed system
- Allow users and applications to access network resources transparently
9LDAP Introduction
- Background
- Many network-based applications rely on their own directories (or databases)
- Information describing various users, applications, files and other resources accessible from the network
- Application-specific directory
- Much information is common
- Consistency problem
- The number of specialized directories grows and they are difficult to maintain
10Introduction
LDAP
- Need to maintain and access all of this information in a consistent and controlled manner
- Need common, application-independent directory
- Directory Access Protocol
- Can integrate a distributed environment into a consistent and seamless system
11X.500
LDAP
- Directory service
- Data Communications Network Directory, Recommendations X.500-X.521
- Organize directory entries in a hierarchical name space
- Define powerful search capabilities
- Directory Access Protocol(DAP)
- Communication between directory client and server
- Use OSI protocol stack
- Resource intensive protocol
12Definition
LDAP
- Lightweight Directory Access Protocol
- Define a standard method for accessing and updating information in a directory
- Communication protocol
- Do not define a programming interface
- Open industry standard
- Lightweight Access to X.500
- Use TCP/IP protocol stack
- Simplify some X.500 operations
13LDAP server
LDAP
- Gateway to an X.500 server
- Stand-Alone
14Interaction
LDAP
- General interaction
- Binding 1, 2
- Unbinding 5
15LDAP model
LDAP
- Information model
- Describe the structure of information
- Naming model
- Describe how information is organized and identified
- Functional model
- Describe what operations can be performed on the information
- Security model
- Describe how the information can be protected
16Information model
LDAP
- Relationship
- Entries
- The directory stores and organizes data structures
- An object such as a person, a server and so on
17Information model
LDAP
- Object class
- General description of an object called template
- Described by schema
- What object classes are allowed where in directory
- What attributes they must contain
- What attributes are optional
- The syntax of each attribute
- Inheritance and subclassing of objects
18Naming model
LDAP
- Directory Information Tree(DIT)
- Organize entries based on their DN
- Distinguished Name(DN)
- Identify an entry uniquely
- A sequence of relative DN(RDN) separated by commas
- From leaf to root node
- <attribute name>=<value>,<attribute name>=<value>, ...
- Not a tree
- Can use aliases
19Naming model
LDAP
- Example DIT
- cn=John,ou=LDAP Team,o=IBM,c=US
- cn=John Smith,o=IBM,c=DE
20Naming model
LDAP
- Suffixes and Referrals
- Support distributed directory
- Suffixes
- Individual LDAP server might not store the entire DIT
- Referrals
- Form a distributed directory that contains the entire DIT
- An entry of objectClass referral
- Have an attribute, ref, whose value is the LDAP URL of the referred entry on another LDAP server
- Managed by client or LDAP server
- Off-loading the work of contacting other servers to the client
21Naming model
LDAP
22Functional model
LDAP
- Query operation
- Search parameters
23Functional model
LDAP
- Update
- Entries attributes
- Add, delete
- Attributes value DN
- Modify
- Authentication
- Bind Unbind
24Security model
LDAP
- Issues
- Authentication
- Integrity
- Confidentiality
- Authorization
- Simple Authentication and Security Layer
- Authentication systems
- e.g. Kerberos
- Secure Socket Layer(SSL/TLS)
25URL
LDAP
- URL format for LDAP resources
- ldaps://<host>:<port>/<dn>?<attributes>?<scope>?<filter>?<extensions>
- Can simply name an LDAP server
- Can specify a complex directory search
- ldap://saturn.itso.austin.ibm.com/o=Transarc,c=US?cn,mail,phoneNumber?sub?cn=brown
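An added example (not from the original slides) that splits an LDAP URL of the form shown on slide 25 into its parts and exposes the DN's RDNs in root-first order, the reverse of the leaf-to-root string form on slide 18. The `isTrustedTarget` check, the allow-list and the `ldap.example.com` URL are assumptions for illustration: a client that handles referrals itself (slide 20) can apply such a check to a `ref` value before contacting the server it names.

```java
import java.net.URI;
import java.util.*;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class LdapUrlParts {
    final String scheme, host, scope, filter;
    final int port;
    final LdapName dn;               // getRdns(): index 0 is the RDN nearest the root
    final List<String> attributes;

    LdapUrlParts(String url) throws InvalidNameException {
        URI u = URI.create(url);
        scheme = String.valueOf(u.getScheme()).toLowerCase(Locale.ROOT);
        if (!scheme.equals("ldap") && !scheme.equals("ldaps"))
            throw new IllegalArgumentException("not an LDAP URL: " + url);
        host = u.getHost();
        port = u.getPort() != -1 ? u.getPort() : (scheme.equals("ldaps") ? 636 : 389);
        String path = u.getPath() == null ? "" : u.getPath();    // percent-decoded
        dn = new LdapName(path.startsWith("/") ? path.substring(1) : path);
        // Query is <attributes>?<scope>?<filter>?<extensions>; later fields are optional.
        // Fields are split from the raw query and left percent-encoded.
        String raw = u.getRawQuery() == null ? "" : u.getRawQuery();
        String[] f = raw.split("\\?", -1);
        attributes = f[0].isEmpty() ? List.of() : List.of(f[0].split(","));
        scope  = f.length > 1 && !f[1].isEmpty() ? f[1] : "base";
        filter = f.length > 2 && !f[2].isEmpty() ? f[2] : "(objectClass=*)";
    }

    /** True only for ldaps:// URLs whose host is on the caller's allow-list. */
    boolean isTrustedTarget(Set<String> allowedHosts) {
        return scheme.equals("ldaps") && host != null
                && allowedHosts.contains(host.toLowerCase(Locale.ROOT));
    }

    public static void main(String[] args) throws Exception {
        // The URL from the slide, plus a constructed ldaps URL for comparison.
        String[] urls = {
            "ldap://saturn.itso.austin.ibm.com/o=Transarc,c=US?cn,mail,phoneNumber?sub?cn=brown",
            "ldaps://ldap.example.com/cn=John,ou=LDAP%20Team,o=IBM,c=US"
        };
        Set<String> allowed = Set.of("ldap.example.com");        // assumed allow-list
        for (String s : urls) {
            LdapUrlParts p = new LdapUrlParts(s);
            System.out.printf("%s:%d dn=%s rdns=%s attrs=%s scope=%s filter=%s trusted=%b%n",
                    p.host, p.port, p.dn, p.dn.getRdns(), p.attributes, p.scope, p.filter,
                    p.isTrustedTarget(allowed));
        }
    }
}
```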
26Deployment example
LDAP
27Deployment example
LDAP
28Commercial products
LDAP
- OpenLDAP
- Free and Open source
- Netscape Directory Server
- IBM's SecureWay Directory
- Microsoft Active Directory Service
- Part of Windows 2000
29Summary
LDAP
- Directory service(or server)
- Most important component in distributed system
- Directory Access Protocol
- Standard communication protocol between directory server and client
- Lightweight Directory Access Protocol
- Based on TCP/IP
- Integrate a distributed environment into a transparent, consistent and seamless system based on Internet
31Java Naming and Directory Interface(JNDI)
- Programming interface to access naming and directory services
- Provide Naming and Directory functionality
- Associate attributes with objects and search for objects using their attributes
- Store and retrieve any type of named Java object
32Concept
JNDI
- Naming concepts
- Naming service
- Look up an object given its name
- Binding
- Association of a name with an object
33Concept
- Directory concepts
- Entry Attributes
- Search filters
34Architecture
JNDI
35Architecture
JNDI
- Service Provider concepts
- The means by which naming and directory services are integrated into the JNDI framework
- An implementation of a context or initial context that can be plugged in dynamically to the JNDI architecture to be used by the JNDI client
- Support multiple namespaces
36Architecture
JNDI
- Supported Service Provider
- Lightweight Directory Access Protocol(LDAP)
- CORBA services(COS) naming service
- Java Remote Method Invocation(RMI) Registry
- Network Information System(NIS)
- File System
- Domain Name System (DNS)
- Novell NDS
37Packages
JNDI
- Programming API packages
- javax.naming
- Accessing naming services
- javax.naming.directory
- Provide functionality for accessing directory services
- javax.naming.event
- Supporting event notification in naming and directory service
- javax.naming.ldap
- LDAP v3-specific features that are not covered by the more generic javax.naming.directory package
- javax.naming.spi
- Service Provider Interface
38Example code
JNDI
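import java.util.Hashtable;
import javax.naming.*;

class Lookup {
    public static void main(String[] args) {
        Hashtable<String, Object> env = new Hashtable<>(11);
        // File system service provider (shipped separately from the JDK)
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.fscontext.RefFSContextFactory");
        String name = "/tmp/testfile";
        try {
            // Create the initial context and look up the named object
            Context ctx = new InitialContext(env);
            Object obj = ctx.lookup(name);
            ctx.close();
        } catch (NamingException e) {
            System.err.println("Problem looking up " + name + ": " + e);
        }
    }
}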
39Example code
JNDI
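import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

class Getattr {
    public static void main(String[] args) {
        Hashtable<String, Object> env = new Hashtable<>(11);
        // LDAP service provider and the server/base DN to connect to
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL,
                "ldap://localhost:389/o=JNDITutorial");
        try {
            // Create the initial directory context and read the entry's attributes
            DirContext ctx = new InitialDirContext(env);
            Attributes attrs = ctx.getAttributes("cn=Ted Geisel, ou=People");
            System.out.println("sn: " + attrs.get("sn").get());
            ctx.close();
        } catch (NamingException e) {
            System.err.println("Problem getting attribute: " + e);
        }
    }
}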
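An added example, not part of the original slides, relating the Getattr environment above to the security model on slide 24: `findings` lists what a JNDI LDAP environment leaves unprotected. The hardened host name, bind DN and `LDAP_BIND_PW` variable are assumptions; the property names are those of JNDI and the JDK's LDAP provider.

```java
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import javax.naming.Context;

public class LdapEnvCheck {
    /** Returns one finding per weak setting in a JNDI LDAP environment. */
    static List<String> findings(Hashtable<String, Object> env) {
        List<String> out = new ArrayList<>();
        String url = String.valueOf(env.get(Context.PROVIDER_URL));
        boolean tls = url.startsWith("ldaps://")
                || "ssl".equals(env.get(Context.SECURITY_PROTOCOL));
        // Provider default: "simple" if a principal is given, otherwise "none".
        String auth = (String) env.getOrDefault(Context.SECURITY_AUTHENTICATION,
                env.containsKey(Context.SECURITY_PRINCIPAL) ? "simple" : "none");
        if (!tls) out.add("cleartext transport: no confidentiality or integrity");
        if ("none".equals(auth)) out.add("anonymous bind: no client authentication");
        if ("simple".equals(auth) && !tls) out.add("simple bind without TLS: password sent in clear");
        if ("follow".equals(env.get(Context.REFERRAL)))
            out.add("referral=follow: client contacts referred servers automatically");
        if (!env.containsKey("com.sun.jndi.ldap.connect.timeout"))
            out.add("no connect timeout");
        return out;
    }

    public static void main(String[] args) {
        // Environment as on the Getattr slide: anonymous bind over ldap://.
        Hashtable<String, Object> slide = new Hashtable<>();
        slide.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        slide.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial");

        // Hardened variant; host, bind DN and password source are assumptions.
        Hashtable<String, Object> hardened = new Hashtable<>();
        hardened.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        hardened.put(Context.PROVIDER_URL, "ldaps://ldap.example.com:636/o=JNDITutorial");
        hardened.put(Context.SECURITY_AUTHENTICATION, "simple");
        hardened.put(Context.SECURITY_PRINCIPAL, "cn=app-reader,ou=People,o=JNDITutorial");
        hardened.put(Context.SECURITY_CREDENTIALS,
                System.getenv().getOrDefault("LDAP_BIND_PW", "").toCharArray());
        hardened.put(Context.REFERRAL, "throw");   // hand referrals to the caller to vet
        hardened.put("com.sun.jndi.ldap.connect.timeout", "5000");
        hardened.put("com.sun.jndi.ldap.read.timeout", "5000");

        System.out.println("slide:    " + findings(slide));
        System.out.println("hardened: " + findings(hardened));
    }
}
```

When `java.naming.referral` is unset the JDK LDAP provider ignores referrals; with `follow` it reuses the same environment, credentials included, for each referred server.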
40Example code
JNDI
Context ctx = ...;
// Create object to be bound
Fruit fruit = new Fruit("orange");
// Perform bind
ctx.bind("favorite", fruit);
...
// Remove binding
ctx.unbind("favorite");
41Programming Patterns
JNDI
- How to access environment entries
- Program code
- Deployment Descriptor(DD)
Context initCtx = new InitialContext();
Context myEnv = (Context) initCtx.lookup("java:comp/env");
Integer max = (Integer) myEnv.lookup("maxExemptions");

<env-entry>
  <description>The maximum number of tax exemptions allowed to be set</description>
  <env-entry-name>maxExemptions</env-entry-name>
  <env-entry-type>java.lang.Integer</env-entry-type>
  <env-entry-value>15</env-entry-value>
</env-entry>
42Programming Patterns
JNDI
- How to access database
- Program code
- Property files
Context initCtx = new InitialContext();
DataSource ds = (DataSource) initCtx.lookup("java:comp/env/jdbc/AccountDB");
Connection con = ds.getConnection();

jdbc.drivers=oracle.jdbc.driver.OracleDriver
jdbc.datasources=jdbc/Oracle|jdbc:oracle:thin:@rtc:1521:acct
43Programming Patterns
JNDI
- How to use EJB references
- Program code
- Deployment Descriptor(DD)
Context initCtx = new InitialContext();
Object result = initCtx.lookup("java:comp/env/ejb/EmplRecord");
// Narrow the looked-up reference to the bean's home interface
EmployeeRecordHome emplRecordHome = (EmployeeRecordHome)
    javax.rmi.PortableRemoteObject.narrow(result, EmployeeRecordHome.class);

<ejb-ref>
  <description>This is a reference to the entity bean</description>
  <ejb-ref-name>ejb/EmplRecord</ejb-ref-name>
  <ejb-ref-type>Entity</ejb-ref-type>
  <home>com.wombat.empl.EmployeeRecordHome</home>
  <remote>com.wombat.empl.EmployeeRecord</remote>
</ejb-ref>
44Clustering methods
JNDI
- Based on JNDI implementation in WAS
- Independent JNDI tree for each application server
- Scalability
- No failover, or failover is the developer's responsibility
- HP Bluestone Total-e-Server, SilverStream App. Server
- Centralized JNDI tree cluster
- Utilize CORBA's CosNaming service
- Long cluster convergence
- Sybase Enterprise Application Server
- Shared global and local JNDI tree
- Scalability and high availability
- BEA WebLogic Application Server
45Summary
JNDI
- Unified interface to multiple naming and directory services in the enterprise
- Work in concert with other J2EE technologies to organize and locate components in a distributed computing environment
- Support real portability and seamless connectivity to Java applications
- Flexible architecture
47Java 2 Enterprise Edition
48Java 2 Enterprise Edition
- Container
- Allows many component behaviors to be specified at deployment time, rather than in program code
- Hide complexity
- Transaction support
- Resource pooling
- Life cycle management
- Enhance portability
- Connector
- Define a portable service API to plug into existing enterprise vendor offerings
- Promote flexibility by enabling a variety of implementations of specific services
49Application
J2EE
50Application
J2EE
- Development phases
- EJB Creation
- Web component Creation
- J2EE App. Client Creation
- J2EE App. Assembly
- J2EE App. Deployment
- Contribution of JNDI DD
51Application
J2EE
52Application
J2EE
53Application
J2EE