On 5/21/10 9:27 AM, Stefan Seelmann wrote:
Keheliya Gallaba schrieb:
Hello everyone,
I have come up with an architecture diagram [1], with the help of
Seelmann, for the LDAP diagnostic tool explaining the functionality of
the core. I thought of implementing the initial phase with JNDI and
moving to the new client API later. Please send your suggestions for
this approach, and about the existing code components I can reuse, from
Directory Studio.
[1] http://code.google.com/p/dirstudio-ldap-proxy/wiki/ArchitectureDiagram
When I look to this picture it reminds of the Wireshark tool. I looks
like the "LDAP Proxy Core" only listens to the communication stream. But
my understanding, and please correct me if I'm wrong, is that the proxy
really intercepts the communication.
Another though regarding JNDI and the new client API: I'm not sure if
you can work with such high-level API at all. You have to deal with
low-level LDAP messages, maybe you have to learn ASN.1.
Well, I think that you just need the API to resend the data to the
server. But here you have options :
- simply redirect the flow to the server without changing it
- or let the proxy connect to the remote server through the API.
Thinking more about it, and regarding the controls we don't support, it
seems a better options not to use the API or JNDI at all.
Now, it does not seems necessary to learn anything about ASN.1, we
already have all the needed decoders.
An example: one use case of the tool is to just log the LDAP messages
but leave them unmodified. In that case JNDI can't be used because you
can't control the message it creates. However you should take a look
into the LDAP API code and how it uses the underlying network layer
(Apache Mina) to send LDAP requests.
Learning about MINA is definitively a must.
--
Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com
