Naming - PowerPoint PPT Presentation

1 / 53

About This Presentation

Title:

Naming

Description:

Lightweight Directory Access Protocol(LDAP) Java Naming and Directory ... Directory Access Protocol(DAP) Communication between directory client and server ... – PowerPoint PPT presentation

Number of Views:60

Avg rating:3.0/5.0

Slides: 54

Provided by: nclabK

Category:

Tags: naming

more less

Transcript and Presenter's Notes

Title: Naming

1
Naming Directory Service

? ? ?
Database lab, Dept. of CS, KAIST
mylim_at_dbserver.kaist.ac.kr

2
Contents

E-commerce system
Directory service
Lightweight Directory Access Protocol(LDAP)
Java Naming and Directory Interface(JNDI)
Java 2 Platform, Enterprise Edition

3
Architecture
E-commerce system

Overview

4
Architecture
E-commerce system

Components

5
Architecture
E-commerce system

Application server

Source Tmax Soft
6
Concept
Directory service

Directory
Specialized database that stores information
about objects
List information about printers
Allow user or application to find resources that
have the characteristics needed for a task
Find a server that can access customer billing
information
White and yellow pages

7
Comparison with database
Directory service

Optimized for read access
High volumes of Read and Search request
Rare update request
No transaction
Anomalies are considered acceptable
The way information can be accessed
LDAP URL

8
Roles
Directory service

Vital part of the infrastructure
Provide a single logical view of the users,
resources, and other objects that make up a
distributed system
Allow users and applications to access network
resources transparently

9
LDAP Introduction

Background
Many network-based application rely on their own
directories(or database)
information describing various users,
application, files and other resources accessible
from the network
Application-specific directory
Much information is common
Consistency problem
The number of specialized directories grow and
are difficult to maintain

10
Introduction
LDAP

Need to maintain and access all of this
information in a consistent and controlled manner
Need common, application-independent directory
Directory Access Protocol
Can integrate a distributed environment into a
consistent and seamless system

11
X.500
LDAP

Directory service
Data Communications Network Directory,
Recommendations X.500-X.521
Oraganize directory entries in a hierarchal name
space
Define powerful search capabilities
Directory Access Protocol(DAP)
Communication between directory client and server
Use OSI protocol stack
Resource intensive protocol

12
Definition
LDAP

Lightweight Directory Access Protocol
Define a standard method for accessing and
updating information in a directory
Communication protocol
Do not define a programming interface
Open industry standard
Lightweight Access to X.500
Use TCP/IP protocol stack
Simplify some X.500 operations

13
LDAP server
LDAP

Gateway to an X.500 server
Stand-Alone

14
Interaction
LDAP

General interaction
Binding 1, 2
Unbinding 5

15
LDAP model
LDAP

Information model
Describe the structure of information
Naming model
Describe how information is organized and
identified
Functional model
Describe what operations can be performed on the
information
Security model
Describe how the information can be protected

16
Information model
LDAP

Relationship
Entries
The directory stores and organizes data
structures
An object such as a person, a server and so on

17
Information model
LDAP

Object class
General description of an object called template
Described by schema
What object classes are allowed where in
directory
What attributes they must contain
What attributes are optional
The syntax of each attribute
Inheritance and subclassing of objects

18
Naming model
LDAP

Directory Information Tree(DIT)
Organize entries based on their DN
Distinguished Name(DN)
Identify a entry uniquely
A sequence of relative DN(RDN) separated by
commas
From leaf to root node
ltattribute namegtltvaluegt,ltattribute
namegtltvaluegt, ...
Not a tree
Can use aliases

19
Naming model
LDAP

Example DIT
cnJohn,ouLDAP Team,oIBM,cUS
cnJohn Smith,oIBM,cDE

20
Naming model
LDAP

Suffixes and Referrals
Support distributed directory
Suffixes
Individual LDAP server might not store the entire
DIT
Referrals
Form a distributed directory that contains the
entire DIT
An entry of objectClass referral
Have an attribute, ref, whose value is the LDAP
URL of the referred entry on another LDAP server
Managed by client or LDAP server
Off-loading the work of contacting other servers
to the client

21
Naming model
LDAP

Example

22
Functional model
LDAP

Query operation
Search parameters

23
Functional model
LDAP

Update
Entries attributes
Add, delete
Attributes value DN
Modify
Authentication
Bind Unbind

24
Security model
LDAP

Issues
Authentication
Integrity
Confidentiality
Authorization
Simple Authentication and Security Layer
Authentication systems
e.g. Kerberos
Secure Socket Layer(SSL/TLS)

25
URL
LDAP

URL format for LDAP resources
ldaps//lthostgtltportgt/ltdngt?ltattributesgt
?ltscopegt?ltfiltergt?ltextensionsgt
Can simply name an LDAP server
Can specify a complex directory search
ldap//saturn.itso.austin.ibm.com/oTransarc,cUS?
cn,mail,phoneNumber?sub?cnbrown

26
Deployment example
LDAP

Replicated LDAP cluster

27
Deployment example
LDAP

Organizations Network

28
Commercial products
LDAP

OpenLDAP
Free and Open source
Netscape Directory Server
IBM's Secure Way Directory
Microsoft Active Directory Service
Part of Windows 2000

29
Summary
LDAP

Directory service(or server)
Most important component in distributed system
Directory Access Protocol
Standard communication protocol between directory
server and client
Lightweight Directory Access Protocol
Based on TCP/IP
Integrate a distributed environment into a
transparent, consistent and seamless system based
on Internet

30
References
LDAP

TCP/IP Tutorial and Technical Overview
Martin W.Murhammer, International Technical
Support Organization
Understanding LDAP
Heinz Johner, International Technical Support
Organization
OpenLDAP
http//www.openldap.org
RFC 2251 2256

31
Java Naming and Directory Interface(JNDI)

Programming interface to access naming and
directory services
Provide Naming and Directory functionality
associate attributes with objects and searching
for objects using their attributes
store and retrieve any type of named Java object

32
Concept
JNDI

Naming concepts
Naming service
Look up an object given its name
Binding
Association of a name with an object

33
Concept

Directory concepts
Entry Attributes
Search filters

34
Architecture
JNDI

Internal overview

35
Architecture
JNDI

Service Provider concepts
The means by which naming and directory services
are integrated into the JNDI framework
An implementation of a context or initial context
that can be plugged in dynamically to the JNDI
architecture to be used by the JNDI client
Support multiple namespaces

36
Architecture
JNDI

Supported Service Provider
Lightweight Directory Access Protocol(LDAP)
CORBA services(COS) naming service
Java Remote Method Invocation(RMI) Registry
Network Information System(NIS)
File System
Domain Name System (DNS)
Novell NDS

37
Packages
JNDI

Programming API packages
javax.naming
Accessing naming services
javax.naming.directory
Provide functionality for accessing directory
services
javax.naming.event
Supporting event notification in naming and
directory service
javax.naming.ldap
LDAP v3-specific features that are not covered by
the more generic javax.naming.directory package
javax.naming.spi
Service Provider Interface

38
Example code
JNDI

Naming Example

import javax.naming. class Lookup public
static void main(String args)
Hashtable env new Hashtable(11)
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.fscontext.RefFSContextFactory")
String name /tmp/testfile
try Context ctx new
InitialContext(env) Object obj
ctx.lookup(name) ctx.close()
catch (NamingException e)
System.err.println("Problem looking up " name
" " e)
39
Example code
JNDI

Directory Example

class Getattr public static void
main(String args) Hashtable env new
Hashtable(11) env.put(Context.INITIAL_CON
TEXT_FACTORY, "com.sun.jndi.ldap.LdapC
txFactory") env.put(Context.PROVIDER_URL,
"ldap//localhost389/oJNDITutorial")
try DirContext ctx new
InitialDirContext(env) Attributes
attrs ctx.getAttributes("cnTed Geisel,
ouPeople") System.out.println("sn
" attrs.get("sn").get())
ctx.close() catch (NamingException e)
System.err.println("Problem getting
attribute " e)
40
Example code
JNDI

Binding Unbinding

Context ctx . // Create object to be
bound Fruit fruit new Fruit(orange) //
Perform bind ctx.bind(favorite,
fruit) . // Remove binding ctx.unbind(favori
te)
41
Programming Patterns
JNDI

How to access environment entries
Program code
Deployment Descripter(DD)

Context initCtx new InitialContext() Context
myEnv (Context)initCtx.lookup(javacomp/env)
Integer max (Integer)myEnv.lookup(maxExemption
s)
ltenv-entrygt ltdescriptiongt The maximum number
of tax exemptions allowed to be set
lt/descriptiongt ltenv-entry-namegtmaxExemptionslt/
env-entry-namegt ltenv-entry-typegtjava.lang.Inte
gerlt/env-entry-typegt ltenv-entry-valuegt15lt/env-
entry-valuegt lt/env-entrygt
42
Programming Patterns
JNDI

How to access database
Program code
Property files

Context initCtx new InitialContext() DataSource
ds (DataSource)initCtx.lookup(javacomp/env/jd
bc/AccountDB) Connection con
ds.getConnection()
jdbc.driversoracle.jdbc.driver.OracleDriver jdbc
.datasourcesjdbc/Oraclejdbcoraclethin_at_rtc1521
acct
43
Programming Patterns
JNDI

How to use EJB references
Program code
Deployment Descripter(DD)

Context initCtx new InitialContext() Object
result initCtx.lookup(javacomp/env/ejb/EmplRec
ord) EmployeeRecordHome emplRecordHome
(EmployeeRecordHome)javax.rmi.
PortableRemoteObject.narrow(result,EmployeeRecor
dhome.class)
ltejb-refgt ltdescriptiongt This is a reference
to the entity bean lt/descriptiongt
ltejb-ref-namegtejb/EmplRecordlt/ejb-ref-namegt
ltejb-ref-typegtEntitylt/ejb-ref-typegt
lthomegtcom.wombat.empl.EmployeeRecordHomelt/homegt
ltremotegtcome.wombat.empl.EmployeeRecordlt/remotegt
44
Clustering methods
JNDI

Based on JNDI implementation in WAS
Independent JNDI tree for each application server
Scalability
No failover or developers responsibility
HP Bluestone Total-e-Server, SilverStream App.
Server
Centralized JNDI tree cluster
Utilize CORBAs CosNaming service
Long cluster convergence
Sybase Enterprise Application Server
Shared global and local JNDI tree
Scalability and high availability
BEA WebLogic Application Server

45
Summary
JNDI

Unified interface to multiple naming and
directory services in the enterprise
Conert with other J2EE technologies to organize
and locate components in a distributed computing
environment
Support real portability and seamless
connectivity to Java applications
Flexible architecture

46
References
JNDI

JNDI tutorial
http//java.sun.com/products/jndi/tutorial
Java 2 EE Platform and Component Specification
Shannon, Addison Wesley 2000
Java 2 Enterprise Edition homepage
http//java.sun.com/j2ee/
JNDI overview
http//www.javaworld.com/javaworld/jw-01-2000/jw-0
1-howto.html
J2EE clustering, Part 1
http//www.javaworld.com/javaworld/jw-02-2001/

47
Java 2 Enterprise Edtion

J2EE components

48
Java 2 Enterprise Edition

Container
Allows many component behaviors to be specified
at deployment time, rather than in program code
Hide complexity
Transaction support
Resource pooling
Life cycle management
Enhance portability
Connector
Define a portable service API to plug into
existing enterprise vendor offerings
Promote flexibility by enabling a variety of
implementations of specific services

49
Application
J2EE