SlideShare a Scribd company logo

LDAP & Cocoon

mr.quinn
mr.quinn

Real life, down-to-earth Cocoon and LDAP

TechnologyEducation
1 of 25
Download to read offline
LDAP & Cocoon Real life, down-to-earth Cocoon and LDAP a talk by : Ross McDonald & Jeremy Quinn @ I want you to believe every word I say I want you to believe every thing I do CocoonGT 2006 Toots and the Maytals 1 Wait for the audience to calm down :-)
Why this talk ? ? ? ¿¿ !! ?? ?? ? !! # !! ?? ?? ?? ? LDAP .... The missing manual 2 Ross: Can you guess who is who ? Jeremy: Why are we doing this talk? (because Ross cried like a baby when he saw the state of the docs) Ross: it is geared to people like us.. who want to create an 'enabling' framework, so others can get on with the work, it does not take a vastly experienced cocoon developer to do this, when there are well documented examples Ross: How are we qualified? We have both built registration systems using LDAP and Cocoon Ross: We are just typical users ... now that we have fought our way to an implementation, we want to make it easy for others. And it never hurts to have a little more documentation around!
What is LDAP Lightweight Directory Access Protocol A standard for accessing directory services over networks A modern lightweight successor to X500, WHOIS etc etc 3 Very brief definition of what LDAP is Ross: LDAP stands for “Lightweight Directory Access Protocol” Jeremy: LDAP is not a database, it is a protocol for accessing directory information Ross: It turns out that LDAP is really not as complicated as you might first expect, my understanding and opinion has totally changed on it over the last four months.. initially I was very skeptical.. now I have found myself championing it in the workplace!
When and why should I use LDAP ? Hierarchical Data Distributed Data Store Almost Anything Fast, Scalable, Searchable 4 Ross: Just launched a project with a massive emphasis on LDAP in collaboration with Sourcesense, they provided the LDAP and data setup, we had to write the code to integrate it into our websites Ross: It turns out LDAP is very good at authentication, and personalisation Jeremy: when I worked for Luminas, we used LDAP on a project for a big university etc.
Hierarchical Data An address book comprising dc=ldap, dc=cocoongt, dc=org ou=addressbook multiple departments ou=directors cn=Arjé Cahn Departments comprising ou=muppets multiple contact entries cn=Jeremy Quinn cn=Ross McDonald Contact entries could contain ou=locations more hierarchy cn=Conference Room cn=Hackathon Room ou=devices cn=WIFI Router cn=Coffee Machine 5 Ross: its just not fun creating and maintaining hierarchies in RDB Ross: In our app we chose to use multi-level data because this is something worth documenting within LDAP, it is not necessarily intuitive... In the course of our most recent project, I had to explain the workings of LDAP and working with its data to several colleagues, ranging from project managers to designers, and understanding LDAP itself proved the biggest hurdle... Later on, we will look at how simple it is in fact to work with structured data.
Distributed Data Aggregate datasources dc=ldap, dc=cocoongt, dc=org Reference external sources ou=addressbook ou=directors Load Balance ou=muppets ou=comitters Replicate automatically ou=members ou=addressbook dc=ldap, dc=apache, dc=org 6 Jeremy: you can join dierent info sources together, here is a conceptual example of adding the ou=comitters group to our addressbook Ross: easier replication than MySQL, which forces storage to be in-memory
Store Almost Anything UTF-8 Strings, Booleans, Numbers, Phone Numbers, Dates, Email Addresses, Postal Addresses, Certificates, Passwords, Image, Audio, References, Directory Paths, URLs, Countries, etc. etc. Multivalued Attributes 7 Jeremy: textual, binary, numeric etc.
Mean Machine Searching Fast Scalable BASE : Where? SCOPE : How deep? FILTER : Find What? Searchable { equality presence Standards-based substring and/or like etc. } RETURN : Which Attrs? 8 Ross: easy access from a given node instantly, no need to do lots of Table joins Ross: We had a 23gig instance for just our UK data Jeremy: LDAP directories are heavily optimized for read performance Jeremy: Above is an example of the kind of criteria you can use to describe a search Ross: LDAP is such an open standard, and now with SyncML data may be read from many dierent devices, for gadget freaks like me, thats fun! You can have one central contacts and calendaring system, synchronising to all your devices.
What LDAP is NOT Not well documented Not a replacement for SQL Not so good for dynamic data 9 Quickly dispel some myths Ross: It is more dificult to setup that an RDBs Jeremy: Hang on, it is much easier than that !! Ross: Only because I worked it out and told you how, you feckwit :-)
Examples of Googling Google results 10 Just a quick example of what was available... Ross: So unfortunately, the web was lacking a beginning to end example, and what there was, had some inaccuracies.. don’t worry, we fixed up the javadocs!
A Contrived Example create remove update delete Sample CRUD Application JXT + CForms + Flowscript Uses LDAPEntryManager Written in one day 11 Jeremy: demo of adding a record, browsing the app, show a search in AddressBook.app
Getting Started why might this be perceived as difficult ? Define your Structure Configure your Server Populate your Server Alphabet Soup . . . . 12 Ross: lack of documentation Jeremy: SORRY !!!! ;)
Define your Structure dn: dc=ldap,dc=cocoongt,dc=org objectClass: top objectClass: dcObject objectClass: organization dc: cocoongt o: Cocoon GetTogether LDAP dn: ou=addressbook,dc=ldap,dc=cocoongt,dc=org objectClass: top objectClass: organizationalUnit ou: addressbook dn: ou=muppets,ou=addressbook,dc=ldap,dc=cocoongt,dc=org objectClass: top objectClass: organizationalUnit ou: muppets dn: ou=directors,ou=addressbook,dc=ldap,dc=cocoongt,dc=org objectClass: top objectClass: organizationalUnit ou: directors 13 Jeremy: Many pre-defined Schemas, DataTypes and Attributes for specific tasks Ross: We chose a standard schema that enables connection to multiple remote entities with no configuration...EMail Clients, addressbooks
Configure your Server ## # slapd.conf file for Addressbook Sample ## include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/samba.schema include /etc/openldap/schema/apple.schema pidfile /var/run/slapd.pid argsfile /var/run/slapd.args allows bind_v2 schemacheck off database bdb directory /var/db/openldap/openldap-data/ suffix quot;dc=ldap,dc=cocoongt,dc=orgquot; rootdn quot;dc=ldap,dc=cocoongt,dc=orgquot; # MD5 hash of 'secret' rootpw {SSHA}G0ul9DgKDPWKoQnxIQV6VNvuIu8Bfboz 14 Jeremy: This is from the sample App we provide, it is a setup for MacOSX that has OpenLDAP already installed but not running. Ross: Once again, things are never straight forward, after some research you eventually realise that the mac instance of openldap is configured to dislike plain text passwords :-)
Populate your Server # sample data to fill the addressbook dn: cn=Rossputin McDonald, ou=muppets, ou=addressbook, dc=ldap, dc=cocoongt, dc=org objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson cn: Rossputin McDonald gn: Rossputin sn: McDonald mail: rossputin@rossputin.org physicalDeliveryOfficeName: Cocoon GetTogether LDAP postalAddress: PO BOX 55555 l: Newbury st: Berkshire postalCode: RG19 4QL telephoneNumber: 666 facsimileTelephoneNumber: 666 pager: 666 mobile: 666 homePhone: 666 ou: muppets dn: cn=Jeremy Quinn, ou=muppets, ou=addressbook, dc=ldap, dc=cocoongt, dc=org objectClass: top objectClass: person objectClass: organizationalPerson 15 objectClass: inetOrgPerson Jeremy: ThisQuinn cn: Jeremy is some sample data from the App we provide, to pre-populate the repository Jeremy: Here we use the LDIF - text format, you may also use the XML format - DSML gn: Jeremy sn: Quinn mail: jeremy@apache.org physicalDeliveryOfficeName: Cocoon GetTogether LDAP, Muppet Department postalAddress: PO BOX 666666 l: Brixton st: London postalCode: SW2 telephoneNumber: 77777777 facsimileTelephoneNumber: 667777776 pager: 7676767 mobile: 677677677
Alphabet Soup Many Attributes (RFC 1779) cn : Common Name gn : Given Name sn : Surname mail : Email Address o : organisation physicalDeliveryOfficeName : Department Name postalAddress : Address Line 1 l : Address Line 2 st : Address Line 3 postalCode : Post Code c : Country telephoneNumber : Office Number facsimileTelephoneNumber : Fax Number pager : Pager Number X.500 Varieties mobile : Mobile Number homePhone : Home Number ou : Organisational Unit dc : Domain Component dn : Distinguished Name 16 Jeremy: There are many pre-defined Attributes, they come from X.500 Ross: How many designers and developers looking at LDAP for the first time are going to make anything meaningful of all this ?
LDAP Component using it from your own code Which Component should I use? Adding the Naming Block Adding the LDAPEntryManager Code Hierarchy Calling the LDAPEntryManager 17 Ross: Discuss the merits of the dierent options in Cocoon ? After some research, and a chat with Jeremy, we chose to use the LDAPEntryManager, as it oered a more flexible solution Jeremy: runs through the setup
The Naming Block local.blocks.properties #-----[dependency]: quot;itextquot; depends on quot;xspquot; (for samples). include.block.itext=false include.block.jfor=false include.block.jsp=false #-----[dependency]: quot;linkrewriterquot; depends on quot;xspquot;. include.block.linkrewriter=false #-----[dependency]: quot;lucenequot; is needed by quot;querybeanquot;. include.block.lucene=false include.block.midi=false #include.block.naming=false #-----[dependency]: quot;ojbquot; depends on quot;databasesquot; (for samples), quot;formsquot; (for samples), quot;hsqldbquot; (for samples), quot;xspquot; (for samples). #-----[dependency]: quot;ojbquot; is needed by quot;javaflowquot;, quot;portalquot;, quot;querybeanquot;. include.block.ojb=false include.block.paranoid=false include.block.poi=false now recompile 18 Setting up the naming block
LDAPEntryManager component role=quot;org.apache.cocoon.components.naming.EntryManagerquot; class=quot;org.apache.cocoon.components.naming.LDAPEntryManagerquot; logger=quot;flow.ldapquot; parameter name=quot;ldap-hostquot; value=quot;ldap://localhost:389quot;/ parameter name=quot;ldap-basequot; value=quot;ou=addressbook,dc=ldap,dc=cocoongt,dc=orgquot;/ parameter name=quot;ldap-userquot; value=quot;dc=ldap,dc=cocoongt,dc=orgquot;/ parameter name=quot;ldap-passquot; value=quot;secretquot;/ /component Add the Component to cocoon.xconf 19 Setting up the Component explain the base context, we do not need to use ou=addressbook inside the app
Code Hierarchy flow.js -- (DisplayModel) -- AddressbookManager.js -- (Map of Arrays) -- LDAPEntryManager -- (javax.naming.directory.Attributes) -- j flow.js Display Model var AddressbookManager = { AddressbookManager.js binding: { firstname : quot;givenNamequot;, lastname : quot;snquot;, email : quot;mailquot;, Map of Arrays deptName : quot;physicalDeliveryOfficeNamequot;, address1 : quot;postalAddressquot;, address2 : quot;lquot;, address3 : quot;stquot;, LDAPEntryManager postcode : quot;postalCodequot;, ophone : quot;telephoneNumberquot;, fphone : quot;facsimileTelephoneNumberquot;, pager : quot;pagerquot;, javax.naming.directory.Attributes mphone : quot;mobilequot;, hphone : quot;homePhonequot;, dept : quot;ouquot; } javax.naming.* } 20 Flow layer, talks to AddressBook Application Layer, which talks to Component Application layer converts between Display Names and LDAP Attribute Names The LDAPEntryManager provides an extremely simplified set of common LDAP Methods and Data Types, to simplify access from FlowScript
Get, Use, Dispose function getPerson() { var uid = cocoon.parameters[quot;dnquot;]; var entrymanager = cocoon.getComponent(EntryManager.ROLE); try { var person = AddressbookManager.getPerson( entrymanager, uid ); cocoon.sendPage(cocoon.parameters[quot;screenquot;], {person: person}); } catch (e) { print(e); throw(e); } finally { cocoon.releaseComponent(entrymanager); } } 21 Ross: So.. how do we use Jeremy’s component within Cocoon? Flowscript! First we create an instance of the LDAPEntryManager component. Then we attempt to use it in a try catch block, before releasing resources in a ‘finally’ clause Easy right? Why then have we pushed this part of the talk towards the end, into the intermediate section ? Well flowscript is easy, its javascript... but what about those objects we get back from calls to Java.. our experience showed that many developers found it hard to know what to expect, sometimes an Array, sometimes a hashmap... Also, there is often a lack of structure in javascript, and spaghetti code can result, what is harder but infinitely better is to take time to structure the code, make it maintainable, provide a framework
Get a List of People /** Get a list of people from a department in the addressbook @param entrymanager the LDAP Component @param department the organisationalUnit to look in eg. ou=muppets @return a JavaScript Array of JavaScript person Objects */ AddressbookManager.getPeople = function(entrymanager, department) { var matchAttrs = new HashMap(), people = []; department = department ? department : quot;quot;; // prepare the query matchAttrs.put( quot;objectClassquot;, this.singleAttribute(quot;personquot;) ); // perform the query var results = entrymanager.find(department, matchAttrs); // convert to display model var it = results.keySet().iterator(), key; while (it.hasNext()) { key = it.next(); people[people.length] = this.bindPerson(key + quot;,quot; + department, results.get(key)); } return people; } 22 Ross: Here we see a sample of finding with the LDAPEntryManager component. We pass a filter to it, requesting results of type objectClass=person. We specify a department to look in, and return all the people found. We can put some pretty powerful filters in here in the matchAttrs hashmap. Most of this code is our ‘framework’, designed to make the designers / developers lives easier... very little of it is core to the component.
Manipulating Data var res = em.get(”ou=muppets”); var res = em.get(”cn=Jeremy Quinn, ou=muppets”); cn=Jeremy Quinn, ou=muppets, ou=addressbook, dc=ldap, .... 23 Ross: Our ldap.base is ou=addressbook,dc=ldap,dc=cocoongt,dc=org, the first get will return info on the muppets department Ross: Next we grab a contact from the muppets department... creating and updating are all as simple, we can jump to anywhere in the tree by working from right to left Ross: Our flowscript, using Jeremy’s LDAP Cocoon component exploits this, it is just not immediately obvious until you have seen an example... no joins, simple
Empowering developers and designers to build LDAP Applications Javascript skills are on the up (Ajax, Dojo etc) The cost of creating LDAP apps is down Well thought out frameworks are very productive 24 Ross: the key - flowscript, javascript skills are on the up, because of the Ajax/Dojo revolution Ross: javascript is easier, developers are a readily available resource Ross: We have LDAPEntryManager, all it takes then is to create a nice OO framework, and designers/ developers can roll out LDAP web apps rapidly and eectively
Tips and Tricks for large scale LDAP instances come see us after the talk look on the Cocoon Wiki to find our talk, sample app and tips 25

Recommended

Hadoop Inside
Hadoop InsideHadoop Inside
Hadoop InsideEun-Jo Lee
 
Introduction to Hadoop and Pig
Introduction to Hadoop and PigIntroduction to Hadoop and Pig
Introduction to Hadoop and Pigprash1784
 
Episodi II
Episodi IIEpisodi II
Episodi IILidiaLF
 
Mc donalds ii
Mc donalds iiMc donalds ii
Mc donalds iiInternational Communication Center
 
About "Apache Cassandra"
About "Apache Cassandra"About "Apache Cassandra"
About "Apache Cassandra"Jihyun Ahn
 
4 solutii its
4 solutii its4 solutii its
4 solutii itsmanyak871
 
Sso every where
Sso every whereSso every where
Sso every wherePaul Seiler
 
Eficientizarea IT - Temperfield
Eficientizarea IT - TemperfieldEficientizarea IT - Temperfield
Eficientizarea IT - TemperfieldTemperfield
 

Recommended

Hadoop Inside
Hadoop InsideHadoop Inside
Hadoop InsideEun-Jo Lee
 
Introduction to Hadoop and Pig
Introduction to Hadoop and PigIntroduction to Hadoop and Pig
Introduction to Hadoop and Pigprash1784
 
Episodi II
Episodi IIEpisodi II
Episodi IILidiaLF
 
Mc donalds ii
Mc donalds iiMc donalds ii
Mc donalds iiInternational Communication Center
 
About "Apache Cassandra"
About "Apache Cassandra"About "Apache Cassandra"
About "Apache Cassandra"Jihyun Ahn
 
4 solutii its
4 solutii its4 solutii its
4 solutii itsmanyak871
 
Sso every where
Sso every whereSso every where
Sso every wherePaul Seiler
 
Eficientizarea IT - Temperfield
Eficientizarea IT - TemperfieldEficientizarea IT - Temperfield
Eficientizarea IT - TemperfieldTemperfield
 
Federated Identity, Accessing World-Wide Services with your Campus Id
Federated Identity, Accessing World-Wide Services with your Campus IdFederated Identity, Accessing World-Wide Services with your Campus Id
Federated Identity, Accessing World-Wide Services with your Campus IdEDUTIC
 
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12MoscowJS
 
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnet
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnetEdugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnet
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnetEduserv
 
Инфраструктура_на_базе_открытого_ПО
Инфраструктура_на_базе_открытого_ПОИнфраструктура_на_базе_открытого_ПО
Инфраструктура_на_базе_открытого_ПОAlexey Vasyukov
 
Federation Lab and OpenID Connect
Federation Lab and OpenID ConnectFederation Lab and OpenID Connect
Federation Lab and OpenID ConnectAndreas Åkre Solberg
 
тезисы к докладу по электронной аутентификации в государственных системах
тезисы к докладу по электронной аутентификации в государственных системахтезисы к докладу по электронной аутентификации в государственных системах
тезисы к докладу по электронной аутентификации в государственных системахMikhail Vanin
 
Solutii de Management Complet al Infrastructurii IT
Solutii de Management Complet al Infrastructurii ITSolutii de Management Complet al Infrastructurii IT
Solutii de Management Complet al Infrastructurii ITacochy
 
OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0Andreas Åkre Solberg
 
Nuxeo World Session: Nuxeo Distributions
Nuxeo World Session: Nuxeo DistributionsNuxeo World Session: Nuxeo Distributions
Nuxeo World Session: Nuxeo DistributionsNuxeo
 
Working with disconnected data in Windows Store apps
Working with disconnected data in Windows Store appsWorking with disconnected data in Windows Store apps
Working with disconnected data in Windows Store appsAlex Casquete
 
Configuring and managing a red
Configuring and managing a redConfiguring and managing a red
Configuring and managing a redzied01
 
Reactive fsharp
Reactive fsharpReactive fsharp
Reactive fsharpSkills Matter
 
Scala
ScalaScala
ScalaIulian Dogariu
 
Building Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBBuilding Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBMongoDB
 
F# for startups
F# for startupsF# for startups
F# for startupsjoelgrus
 
Registrul Matricol Unic Documentatia De Atribuire
Registrul Matricol Unic Documentatia De AtribuireRegistrul Matricol Unic Documentatia De Atribuire
Registrul Matricol Unic Documentatia De Atribuiredstanca
 
Обзор Red Hat Directory Server и RHEL IdM
Обзор Red Hat Directory Server и RHEL IdMОбзор Red Hat Directory Server и RHEL IdM
Обзор Red Hat Directory Server и RHEL IdMAndrey Markelov
 
Eunis federation2
Eunis federation2Eunis federation2
Eunis federation2HEAnet
 
Benefits of an Open environment with Wakanda
Benefits of an Open environment with WakandaBenefits of an Open environment with Wakanda
Benefits of an Open environment with WakandaAlexandre Morgaut
 
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...CA API Management
 
Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...
Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...
Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...Ken Lin
 
MARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archivesMARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archivesDorothea Salo
 

More Related Content

Viewers also liked

Federated Identity, Accessing World-Wide Services with your Campus Id
Federated Identity, Accessing World-Wide Services with your Campus IdFederated Identity, Accessing World-Wide Services with your Campus Id
Federated Identity, Accessing World-Wide Services with your Campus IdEDUTIC
 
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12MoscowJS
 
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnet
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnetEdugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnet
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnetEduserv
 
Инфраструктура_на_базе_открытого_ПО
Инфраструктура_на_базе_открытого_ПОИнфраструктура_на_базе_открытого_ПО
Инфраструктура_на_базе_открытого_ПОAlexey Vasyukov
 
тезисы к докладу по электронной аутентификации в государственных системах
тезисы к докладу по электронной аутентификации в государственных системахтезисы к докладу по электронной аутентификации в государственных системах
тезисы к докладу по электронной аутентификации в государственных системахMikhail Vanin
 
Solutii de Management Complet al Infrastructurii IT
Solutii de Management Complet al Infrastructurii ITSolutii de Management Complet al Infrastructurii IT
Solutii de Management Complet al Infrastructurii ITacochy
 
Nuxeo World Session: Nuxeo Distributions
Nuxeo World Session: Nuxeo DistributionsNuxeo World Session: Nuxeo Distributions
Nuxeo World Session: Nuxeo DistributionsNuxeo
 
Working with disconnected data in Windows Store apps
Working with disconnected data in Windows Store appsWorking with disconnected data in Windows Store apps
Working with disconnected data in Windows Store appsAlex Casquete
 
Configuring and managing a red
Configuring and managing a redConfiguring and managing a red
Configuring and managing a redzied01
 
Building Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBBuilding Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBMongoDB
 
F# for startups
F# for startupsF# for startups
F# for startupsjoelgrus
 
Registrul Matricol Unic Documentatia De Atribuire
Registrul Matricol Unic Documentatia De AtribuireRegistrul Matricol Unic Documentatia De Atribuire
Registrul Matricol Unic Documentatia De Atribuiredstanca
 
Обзор Red Hat Directory Server и RHEL IdM
Обзор Red Hat Directory Server и RHEL IdMОбзор Red Hat Directory Server и RHEL IdM
Обзор Red Hat Directory Server и RHEL IdMAndrey Markelov
 
Eunis federation2
Eunis federation2Eunis federation2
Eunis federation2HEAnet
 
Benefits of an Open environment with Wakanda
Benefits of an Open environment with WakandaBenefits of an Open environment with Wakanda
Benefits of an Open environment with WakandaAlexandre Morgaut
 
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...CA API Management
 

Viewers also liked (20)

Federated Identity, Accessing World-Wide Services with your Campus Id
Federated Identity, Accessing World-Wide Services with your Campus IdFederated Identity, Accessing World-Wide Services with your Campus Id
Federated Identity, Accessing World-Wide Services with your Campus Id
 
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12
"Без Бэкенда" — Андрей Саломатин — доклад на MoscowJS 12
 
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnet
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnetEdugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnet
Edugate/IE Federation - Glenn Wearen, Edugate Federation Operator, HEAnet
 
Инфраструктура_на_базе_открытого_ПО
Инфраструктура_на_базе_открытого_ПОИнфраструктура_на_базе_открытого_ПО
Инфраструктура_на_базе_открытого_ПО
 
Federation Lab and OpenID Connect
Federation Lab and OpenID ConnectFederation Lab and OpenID Connect
Federation Lab and OpenID Connect
 
тезисы к докладу по электронной аутентификации в государственных системах
тезисы к докладу по электронной аутентификации в государственных системахтезисы к докладу по электронной аутентификации в государственных системах
тезисы к докладу по электронной аутентификации в государственных системах
 
Solutii de Management Complet al Infrastructurii IT
Solutii de Management Complet al Infrastructurii ITSolutii de Management Complet al Infrastructurii IT
Solutii de Management Complet al Infrastructurii IT
 
OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
 
Nuxeo World Session: Nuxeo Distributions
Nuxeo World Session: Nuxeo DistributionsNuxeo World Session: Nuxeo Distributions
Nuxeo World Session: Nuxeo Distributions
 
Working with disconnected data in Windows Store apps
Working with disconnected data in Windows Store appsWorking with disconnected data in Windows Store apps
Working with disconnected data in Windows Store apps
 
Configuring and managing a red
Configuring and managing a redConfiguring and managing a red
Configuring and managing a red
 
Reactive fsharp
Reactive fsharpReactive fsharp
Reactive fsharp
 
Scala
ScalaScala
Scala
 
Building Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDBBuilding Your First App: An Introduction to MongoDB
Building Your First App: An Introduction to MongoDB
 
F# for startups
F# for startupsF# for startups
F# for startups
 
Registrul Matricol Unic Documentatia De Atribuire
Registrul Matricol Unic Documentatia De AtribuireRegistrul Matricol Unic Documentatia De Atribuire
Registrul Matricol Unic Documentatia De Atribuire
 
Обзор Red Hat Directory Server и RHEL IdM
Обзор Red Hat Directory Server и RHEL IdMОбзор Red Hat Directory Server и RHEL IdM
Обзор Red Hat Directory Server и RHEL IdM
 
Eunis federation2
Eunis federation2Eunis federation2
Eunis federation2
 
Benefits of an Open environment with Wakanda
Benefits of an Open environment with WakandaBenefits of an Open environment with Wakanda
Benefits of an Open environment with Wakanda
 
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
 

Similar to LDAP & Cocoon

Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...
Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...
Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...Ken Lin
 
MARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archivesMARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archivesDorothea Salo
 
Ruby tutorial
Ruby tutorialRuby tutorial
Ruby tutorialknoppix
 
Blazing Data With Redis (and LEGOS!)
Blazing Data With Redis (and LEGOS!)Blazing Data With Redis (and LEGOS!)
Blazing Data With Redis (and LEGOS!)Justin Carmony
 
CMF: a pain in the F @ PHPDay 05-14-2011
CMF: a pain in the F @ PHPDay 05-14-2011CMF: a pain in the F @ PHPDay 05-14-2011
CMF: a pain in the F @ PHPDay 05-14-2011Alessandro Nadalin
 
Spring one2gx2010 spring-nonrelational_data
Spring one2gx2010 spring-nonrelational_dataSpring one2gx2010 spring-nonrelational_data
Spring one2gx2010 spring-nonrelational_dataRoger Xia
 
Basho and Riak at GOTO Stockholm: "Don't Use My Database."
Basho and Riak at GOTO Stockholm: "Don't Use My Database."Basho and Riak at GOTO Stockholm: "Don't Use My Database."
Basho and Riak at GOTO Stockholm: "Don't Use My Database."Basho Technologies
 
Linked Data: The Real Web 2.0 (from 2008)
Linked Data: The Real Web 2.0 (from 2008)Linked Data: The Real Web 2.0 (from 2008)
Linked Data: The Real Web 2.0 (from 2008)Uche Ogbuji
 
Breaking first-normal form with Hive
Breaking first-normal form with HiveBreaking first-normal form with Hive
Breaking first-normal form with HiveEdward Capriolo
 
Devops kc meetup_5_20_2013
Devops kc meetup_5_20_2013Devops kc meetup_5_20_2013
Devops kc meetup_5_20_2013Aaron Blythe
 
C4l2008charper
C4l2008charperC4l2008charper
C4l2008charpercharper
 
Stathy DevOps in MSP / MKE on IAC
Stathy DevOps in MSP / MKE on IACStathy DevOps in MSP / MKE on IAC
Stathy DevOps in MSP / MKE on IACStathy Touloumis
 
It's OK to make a new folder within Rails.
It's OK to make a new folder within Rails.It's OK to make a new folder within Rails.
It's OK to make a new folder within Rails.cschaafsma
 
ORUG - Sept 2014 - Lesson When Learning Ruby/Rails
ORUG - Sept 2014 - Lesson When Learning Ruby/RailsORUG - Sept 2014 - Lesson When Learning Ruby/Rails
ORUG - Sept 2014 - Lesson When Learning Ruby/Railsdanielrsmith
 
Introduction to hadoop V2
Introduction to hadoop V2Introduction to hadoop V2
Introduction to hadoop V2TarjeiRomtveit
 
Building DSLs: Marriage of High Essence and Groovy Metaprogramming
Building DSLs: Marriage of High Essence and Groovy MetaprogrammingBuilding DSLs: Marriage of High Essence and Groovy Metaprogramming
Building DSLs: Marriage of High Essence and Groovy MetaprogrammingSkills Matter
 
Ruby on Rails Training - Module 1
Ruby on Rails Training - Module 1Ruby on Rails Training - Module 1
Ruby on Rails Training - Module 1Mark Menard
 
Devoxx 2008 - REST in Peace
Devoxx 2008 - REST in PeaceDevoxx 2008 - REST in Peace
Devoxx 2008 - REST in Peacestevenn
 

Similar to LDAP & Cocoon (20)

Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...
Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...
Lotusphere 2007: ID204 - Take Control of Your IBM Lotus Domino Directory Infr...
 
MARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archivesMARC and BIBFRAME; Linking libraries and archives
MARC and BIBFRAME; Linking libraries and archives
 
Ruby tutorial
Ruby tutorialRuby tutorial
Ruby tutorial
 
Blazing Data With Redis (and LEGOS!)
Blazing Data With Redis (and LEGOS!)Blazing Data With Redis (and LEGOS!)
Blazing Data With Redis (and LEGOS!)
 
CMF: a pain in the F @ PHPDay 05-14-2011
CMF: a pain in the F @ PHPDay 05-14-2011CMF: a pain in the F @ PHPDay 05-14-2011
CMF: a pain in the F @ PHPDay 05-14-2011
 
Spring one2gx2010 spring-nonrelational_data
Spring one2gx2010 spring-nonrelational_dataSpring one2gx2010 spring-nonrelational_data
Spring one2gx2010 spring-nonrelational_data
 
Basho and Riak at GOTO Stockholm: "Don't Use My Database."
Basho and Riak at GOTO Stockholm: "Don't Use My Database."Basho and Riak at GOTO Stockholm: "Don't Use My Database."
Basho and Riak at GOTO Stockholm: "Don't Use My Database."
 
Linked Data: The Real Web 2.0 (from 2008)
Linked Data: The Real Web 2.0 (from 2008)Linked Data: The Real Web 2.0 (from 2008)
Linked Data: The Real Web 2.0 (from 2008)
 
Breaking first-normal form with Hive
Breaking first-normal form with HiveBreaking first-normal form with Hive
Breaking first-normal form with Hive
 
Devops kc meetup_5_20_2013
Devops kc meetup_5_20_2013Devops kc meetup_5_20_2013
Devops kc meetup_5_20_2013
 
C4l2008charper
C4l2008charperC4l2008charper
C4l2008charper
 
Ruby openfest
Ruby openfestRuby openfest
Ruby openfest
 
Stathy DevOps in MSP / MKE on IAC
Stathy DevOps in MSP / MKE on IACStathy DevOps in MSP / MKE on IAC
Stathy DevOps in MSP / MKE on IAC
 
It's OK to make a new folder within Rails.
It's OK to make a new folder within Rails.It's OK to make a new folder within Rails.
It's OK to make a new folder within Rails.
 
When?
When?When?
When?
 
ORUG - Sept 2014 - Lesson When Learning Ruby/Rails
ORUG - Sept 2014 - Lesson When Learning Ruby/RailsORUG - Sept 2014 - Lesson When Learning Ruby/Rails
ORUG - Sept 2014 - Lesson When Learning Ruby/Rails
 
Introduction to hadoop V2
Introduction to hadoop V2Introduction to hadoop V2
Introduction to hadoop V2
 
Building DSLs: Marriage of High Essence and Groovy Metaprogramming
Building DSLs: Marriage of High Essence and Groovy MetaprogrammingBuilding DSLs: Marriage of High Essence and Groovy Metaprogramming
Building DSLs: Marriage of High Essence and Groovy Metaprogramming
 
Ruby on Rails Training - Module 1
Ruby on Rails Training - Module 1Ruby on Rails Training - Module 1
Ruby on Rails Training - Module 1
 
Devoxx 2008 - REST in Peace
Devoxx 2008 - REST in PeaceDevoxx 2008 - REST in Peace
Devoxx 2008 - REST in Peace
 

Recently uploaded

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 

Recently uploaded (20)

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 

LDAP & Cocoon

  • 1. LDAP & Cocoon Real life, down-to-earth Cocoon and LDAP a talk by : Ross McDonald & Jeremy Quinn @ I want you to believe every word I say I want you to believe every thing I do CocoonGT 2006 Toots and the Maytals 1 Wait for the audience to calm down :-)
  • 2. Why this talk ? ? ? ¿¿ !! ?? ?? ? !! # !! ?? ?? ?? ? LDAP .... The missing manual 2 Ross: Can you guess who is who ? Jeremy: Why are we doing this talk? (because Ross cried like a baby when he saw the state of the docs) Ross: it is geared to people like us.. who want to create an 'enabling' framework, so others can get on with the work, it does not take a vastly experienced cocoon developer to do this, when there are well documented examples Ross: How are we qualified? We have both built registration systems using LDAP and Cocoon Ross: We are just typical users ... now that we have fought our way to an implementation, we want to make it easy for others. And it never hurts to have a little more documentation around!
  • 3. What is LDAP Lightweight Directory Access Protocol A standard for accessing directory services over networks A modern lightweight successor to X500, WHOIS etc etc 3 Very brief definition of what LDAP is Ross: LDAP stands for “Lightweight Directory Access Protocol” Jeremy: LDAP is not a database, it is a protocol for accessing directory information Ross: It turns out that LDAP is really not as complicated as you might first expect, my understanding and opinion has totally changed on it over the last four months.. initially I was very skeptical.. now I have found myself championing it in the workplace!
  • 4. When and why should I use LDAP ? Hierarchical Data Distributed Data Store Almost Anything Fast, Scalable, Searchable 4 Ross: Just launched a project with a massive emphasis on LDAP in collaboration with Sourcesense, they provided the LDAP and data setup, we had to write the code to integrate it into our websites Ross: It turns out LDAP is very good at authentication, and personalisation Jeremy: when I worked for Luminas, we used LDAP on a project for a big university etc.
  • 5. Hierarchical Data An address book comprising dc=ldap, dc=cocoongt, dc=org ou=addressbook multiple departments ou=directors cn=Arjé Cahn Departments comprising ou=muppets multiple contact entries cn=Jeremy Quinn cn=Ross McDonald Contact entries could contain ou=locations more hierarchy cn=Conference Room cn=Hackathon Room ou=devices cn=WIFI Router cn=Coffee Machine 5 Ross: its just not fun creating and maintaining hierarchies in RDB Ross: In our app we chose to use multi-level data because this is something worth documenting within LDAP, it is not necessarily intuitive... In the course of our most recent project, I had to explain the workings of LDAP and working with its data to several colleagues, ranging from project managers to designers, and understanding LDAP itself proved the biggest hurdle... Later on, we will look at how simple it is in fact to work with structured data.
  • 6. Distributed Data Aggregate datasources dc=ldap, dc=cocoongt, dc=org Reference external sources ou=addressbook ou=directors Load Balance ou=muppets ou=comitters Replicate automatically ou=members ou=addressbook dc=ldap, dc=apache, dc=org 6 Jeremy: you can join dierent info sources together, here is a conceptual example of adding the ou=comitters group to our addressbook Ross: easier replication than MySQL, which forces storage to be in-memory
  • 7. Store Almost Anything UTF-8 Strings, Booleans, Numbers, Phone Numbers, Dates, Email Addresses, Postal Addresses, Certificates, Passwords, Image, Audio, References, Directory Paths, URLs, Countries, etc. etc. Multivalued Attributes 7 Jeremy: textual, binary, numeric etc.
  • 8. Mean Machine Searching Fast Scalable BASE : Where? SCOPE : How deep? FILTER : Find What? Searchable { equality presence Standards-based substring and/or like etc. } RETURN : Which Attrs? 8 Ross: easy access from a given node instantly, no need to do lots of Table joins Ross: We had a 23gig instance for just our UK data Jeremy: LDAP directories are heavily optimized for read performance Jeremy: Above is an example of the kind of criteria you can use to describe a search Ross: LDAP is such an open standard, and now with SyncML data may be read from many dierent devices, for gadget freaks like me, thats fun! You can have one central contacts and calendaring system, synchronising to all your devices.
  • 9. What LDAP is NOT Not well documented Not a replacement for SQL Not so good for dynamic data 9 Quickly dispel some myths Ross: It is more dificult to setup that an RDBs Jeremy: Hang on, it is much easier than that !! Ross: Only because I worked it out and told you how, you feckwit :-)
  • 10. Examples of Googling Google results 10 Just a quick example of what was available... Ross: So unfortunately, the web was lacking a beginning to end example, and what there was, had some inaccuracies.. don’t worry, we fixed up the javadocs!
  • 11. A Contrived Example create remove update delete Sample CRUD Application JXT + CForms + Flowscript Uses LDAPEntryManager Written in one day 11 Jeremy: demo of adding a record, browsing the app, show a search in AddressBook.app
  • 12. Getting Started why might this be perceived as difficult ? Define your Structure Configure your Server Populate your Server Alphabet Soup . . . . 12 Ross: lack of documentation Jeremy: SORRY !!!! ;)
  • 13. Define your Structure dn: dc=ldap,dc=cocoongt,dc=org objectClass: top objectClass: dcObject objectClass: organization dc: cocoongt o: Cocoon GetTogether LDAP dn: ou=addressbook,dc=ldap,dc=cocoongt,dc=org objectClass: top objectClass: organizationalUnit ou: addressbook dn: ou=muppets,ou=addressbook,dc=ldap,dc=cocoongt,dc=org objectClass: top objectClass: organizationalUnit ou: muppets dn: ou=directors,ou=addressbook,dc=ldap,dc=cocoongt,dc=org objectClass: top objectClass: organizationalUnit ou: directors 13 Jeremy: Many pre-defined Schemas, DataTypes and Attributes for specific tasks Ross: We chose a standard schema that enables connection to multiple remote entities with no configuration...EMail Clients, addressbooks
  • 14. Configure your Server ## # slapd.conf file for Addressbook Sample ## include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/samba.schema include /etc/openldap/schema/apple.schema pidfile /var/run/slapd.pid argsfile /var/run/slapd.args allows bind_v2 schemacheck off database bdb directory /var/db/openldap/openldap-data/ suffix quot;dc=ldap,dc=cocoongt,dc=orgquot; rootdn quot;dc=ldap,dc=cocoongt,dc=orgquot; # MD5 hash of 'secret' rootpw {SSHA}G0ul9DgKDPWKoQnxIQV6VNvuIu8Bfboz 14 Jeremy: This is from the sample App we provide, it is a setup for MacOSX that has OpenLDAP already installed but not running. Ross: Once again, things are never straight forward, after some research you eventually realise that the mac instance of openldap is configured to dislike plain text passwords :-)
  • 15. Populate your Server # sample data to fill the addressbook dn: cn=Rossputin McDonald, ou=muppets, ou=addressbook, dc=ldap, dc=cocoongt, dc=org objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson cn: Rossputin McDonald gn: Rossputin sn: McDonald mail: rossputin@rossputin.org physicalDeliveryOfficeName: Cocoon GetTogether LDAP postalAddress: PO BOX 55555 l: Newbury st: Berkshire postalCode: RG19 4QL telephoneNumber: 666 facsimileTelephoneNumber: 666 pager: 666 mobile: 666 homePhone: 666 ou: muppets dn: cn=Jeremy Quinn, ou=muppets, ou=addressbook, dc=ldap, dc=cocoongt, dc=org objectClass: top objectClass: person objectClass: organizationalPerson 15 objectClass: inetOrgPerson Jeremy: ThisQuinn cn: Jeremy is some sample data from the App we provide, to pre-populate the repository Jeremy: Here we use the LDIF - text format, you may also use the XML format - DSML gn: Jeremy sn: Quinn mail: jeremy@apache.org physicalDeliveryOfficeName: Cocoon GetTogether LDAP, Muppet Department postalAddress: PO BOX 666666 l: Brixton st: London postalCode: SW2 telephoneNumber: 77777777 facsimileTelephoneNumber: 667777776 pager: 7676767 mobile: 677677677
  • 16. Alphabet Soup Many Attributes (RFC 1779) cn : Common Name gn : Given Name sn : Surname mail : Email Address o : organisation physicalDeliveryOfficeName : Department Name postalAddress : Address Line 1 l : Address Line 2 st : Address Line 3 postalCode : Post Code c : Country telephoneNumber : Office Number facsimileTelephoneNumber : Fax Number pager : Pager Number X.500 Varieties mobile : Mobile Number homePhone : Home Number ou : Organisational Unit dc : Domain Component dn : Distinguished Name 16 Jeremy: There are many pre-defined Attributes, they come from X.500 Ross: How many designers and developers looking at LDAP for the first time are going to make anything meaningful of all this ?
  • 17. LDAP Component using it from your own code Which Component should I use? Adding the Naming Block Adding the LDAPEntryManager Code Hierarchy Calling the LDAPEntryManager 17 Ross: Discuss the merits of the dierent options in Cocoon ? After some research, and a chat with Jeremy, we chose to use the LDAPEntryManager, as it oered a more flexible solution Jeremy: runs through the setup
  • 18. The Naming Block local.blocks.properties #-----[dependency]: quot;itextquot; depends on quot;xspquot; (for samples). include.block.itext=false include.block.jfor=false include.block.jsp=false #-----[dependency]: quot;linkrewriterquot; depends on quot;xspquot;. include.block.linkrewriter=false #-----[dependency]: quot;lucenequot; is needed by quot;querybeanquot;. include.block.lucene=false include.block.midi=false #include.block.naming=false #-----[dependency]: quot;ojbquot; depends on quot;databasesquot; (for samples), quot;formsquot; (for samples), quot;hsqldbquot; (for samples), quot;xspquot; (for samples). #-----[dependency]: quot;ojbquot; is needed by quot;javaflowquot;, quot;portalquot;, quot;querybeanquot;. include.block.ojb=false include.block.paranoid=false include.block.poi=false now recompile 18 Setting up the naming block
  • 19. LDAPEntryManager component role=quot;org.apache.cocoon.components.naming.EntryManagerquot; class=quot;org.apache.cocoon.components.naming.LDAPEntryManagerquot; logger=quot;flow.ldapquot; parameter name=quot;ldap-hostquot; value=quot;ldap://localhost:389quot;/ parameter name=quot;ldap-basequot; value=quot;ou=addressbook,dc=ldap,dc=cocoongt,dc=orgquot;/ parameter name=quot;ldap-userquot; value=quot;dc=ldap,dc=cocoongt,dc=orgquot;/ parameter name=quot;ldap-passquot; value=quot;secretquot;/ /component Add the Component to cocoon.xconf 19 Setting up the Component explain the base context, we do not need to use ou=addressbook inside the app
  • 20. Code Hierarchy flow.js -- (DisplayModel) -- AddressbookManager.js -- (Map of Arrays) -- LDAPEntryManager -- (javax.naming.directory.Attributes) -- j flow.js Display Model var AddressbookManager = { AddressbookManager.js binding: { firstname : quot;givenNamequot;, lastname : quot;snquot;, email : quot;mailquot;, Map of Arrays deptName : quot;physicalDeliveryOfficeNamequot;, address1 : quot;postalAddressquot;, address2 : quot;lquot;, address3 : quot;stquot;, LDAPEntryManager postcode : quot;postalCodequot;, ophone : quot;telephoneNumberquot;, fphone : quot;facsimileTelephoneNumberquot;, pager : quot;pagerquot;, javax.naming.directory.Attributes mphone : quot;mobilequot;, hphone : quot;homePhonequot;, dept : quot;ouquot; } javax.naming.* } 20 Flow layer, talks to AddressBook Application Layer, which talks to Component Application layer converts between Display Names and LDAP Attribute Names The LDAPEntryManager provides an extremely simplified set of common LDAP Methods and Data Types, to simplify access from FlowScript
  • 21. Get, Use, Dispose function getPerson() { var uid = cocoon.parameters[quot;dnquot;]; var entrymanager = cocoon.getComponent(EntryManager.ROLE); try { var person = AddressbookManager.getPerson( entrymanager, uid ); cocoon.sendPage(cocoon.parameters[quot;screenquot;], {person: person}); } catch (e) { print(e); throw(e); } finally { cocoon.releaseComponent(entrymanager); } } 21 Ross: So.. how do we use Jeremy’s component within Cocoon? Flowscript! First we create an instance of the LDAPEntryManager component. Then we attempt to use it in a try catch block, before releasing resources in a ‘finally’ clause Easy right? Why then have we pushed this part of the talk towards the end, into the intermediate section ? Well flowscript is easy, its javascript... but what about those objects we get back from calls to Java.. our experience showed that many developers found it hard to know what to expect, sometimes an Array, sometimes a hashmap... Also, there is often a lack of structure in javascript, and spaghetti code can result, what is harder but infinitely better is to take time to structure the code, make it maintainable, provide a framework
  • 22. Get a List of People /** Get a list of people from a department in the addressbook @param entrymanager the LDAP Component @param department the organisationalUnit to look in eg. ou=muppets @return a JavaScript Array of JavaScript person Objects */ AddressbookManager.getPeople = function(entrymanager, department) { var matchAttrs = new HashMap(), people = []; department = department ? department : quot;quot;; // prepare the query matchAttrs.put( quot;objectClassquot;, this.singleAttribute(quot;personquot;) ); // perform the query var results = entrymanager.find(department, matchAttrs); // convert to display model var it = results.keySet().iterator(), key; while (it.hasNext()) { key = it.next(); people[people.length] = this.bindPerson(key + quot;,quot; + department, results.get(key)); } return people; } 22 Ross: Here we see a sample of finding with the LDAPEntryManager component. We pass a filter to it, requesting results of type objectClass=person. We specify a department to look in, and return all the people found. We can put some pretty powerful filters in here in the matchAttrs hashmap. Most of this code is our ‘framework’, designed to make the designers / developers lives easier... very little of it is core to the component.
  • 23. Manipulating Data var res = em.get(”ou=muppets”); var res = em.get(”cn=Jeremy Quinn, ou=muppets”); cn=Jeremy Quinn, ou=muppets, ou=addressbook, dc=ldap, .... 23 Ross: Our ldap.base is ou=addressbook,dc=ldap,dc=cocoongt,dc=org, the first get will return info on the muppets department Ross: Next we grab a contact from the muppets department... creating and updating are all as simple, we can jump to anywhere in the tree by working from right to left Ross: Our flowscript, using Jeremy’s LDAP Cocoon component exploits this, it is just not immediately obvious until you have seen an example... no joins, simple
  • 24. Empowering developers and designers to build LDAP Applications Javascript skills are on the up (Ajax, Dojo etc) The cost of creating LDAP apps is down Well thought out frameworks are very productive 24 Ross: the key - flowscript, javascript skills are on the up, because of the Ajax/Dojo revolution Ross: javascript is easier, developers are a readily available resource Ross: We have LDAPEntryManager, all it takes then is to create a nice OO framework, and designers/ developers can roll out LDAP web apps rapidly and eectively
  • 25. Tips and Tricks for large scale LDAP instances come see us after the talk look on the Cocoon Wiki to find our talk, sample app and tips 25