Implementing Caching with Implementing Caching with Standard OpenLDAPStandard OpenLDAP

Johan Jönemo, Lund University

2

““GlobusLDAP” → OpenLDAPGlobusLDAP” → OpenLDAP

Why: Standard OpenLDAP is already widely spread and accepted. It is also maintained and updated frequently to address e.g. security issues.

How: Different approaches were considered (and tried). The plethora of back-ends and overlays seemed to offer rich possibilities.

However: A different solution was chosen.

3

How – apparently – not to do itHow – apparently – not to do it

OpenLDAP has several back-ends that tie it to different scripting languages as well as different overlays to modify its behaviour.

Unfortunately they lie slightly beside the main development main stream. They each seem to be either experimental or obsolete.

Furthermore or quite possibly as a consequence of this, in practice, OpenLDAP is often distributed with a limited selection of back-ends and overlays.

4

Instead do thisInstead do this

Configure a normal (almost) directory.

Run the existing information provider code periodically and insert the information in the directory.

This gives fast responses to queries, only a static directory has to be queried.

5

DetailsDetails

Based on back-hdb, a back-end that moves subtrees in constant time while being transaction-safe. This is in practice always included in every OpenLDAP package.

Builds in a separate “build”-tree and switches trees to keep consistency.

6

Current StatusCurrent Status

Alpha

Adding features for:Tweaking update frequencyTweaking prioritiesSuggest more by emailing me...