Thursday Apr 30, 2009

LDAP or RDBMS - which one to use?

We were at a potential customer last week, where the problem statement was:

  1. We have several applications using RDBMS as the user repository, for user authentication. There are several databases for users, which may potentially have duplicates/li>
  2. We are expecting to grow rapidly, the current requirement of users is large and expected to grow exponentially.
  3. We would like to use Single sign on, in future

Considering the number of users required, and the primary requirement being user authentication, using an LDAP server like Sun Directory server enterprise edition (DSEE), seemed to make sense, and that's what we suggested. The next question was (similar to other customers), why do we need LDAP? and how does it compare it to a RDBMS? There are several, several reasons for using an LDAP server (like Sun DSEE or OpenDS) in these situations, like read's tend to be a lot faster, high availability situations like multi-master replication etc. Thanks to my friend Rajiv, we managed to get hold a fantastic technical white paper that highlights the difference's between LDAP and RDBMS, and where to use, what. I have uploaded it here, as I was unable to refer to the original Sun location.

I have reproduced this table here, from the whitepaper :

Of course, this does not solve the problem of removing user data duplication, which was the other requirement. For that, you will need a product like Sun Identity Manager, which will be used for data reconciliation, user synchronization, to basically create a "authoritative user repository" !! This is the key step, the next step, will be to roll-out things like single sign on etc ..

Tuesday Feb 10, 2009

Sun OpenDS, Sun Directory Server EE - Features comparison

Just like my previous blogpost, on Glassfish ESB, Java CAPS, we also get asked by partners, customers on the differences and where to use, OpenDS or Sun DSEE. There is a good link, which is shown in an iFrame from the OpenDS web site:



Also, apart from the exhaustive list mentioned above, the following points are also worth noting:
  1. Sun DSEE is a old, well established product, used in almost all the large Fortune 500 companies across different verticals. OpenDS is a relatively new product, still in version 1.x, but has shaped up very well, and also has several customers who are using it.
  2. Sun DSEE is NOT open source, and is based on C/C++ code. Sun OpenDS is open source, and is written in Java. But, both are completely standards compliant.
  3. OpenDS, as of now, has only the Directory server. Sun DSEE is a suite of products, Directory server, AD sync, Directory proxy and Virtual Directory.
  4. Sun DSEE has a fantastic, admin console for central configuration and distribution.
  5. and much more ....
About

Ramblings of a Sun engineer based in Bangalore, India. Strictly my own views and not my employer's.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today