Atom and LDAP sitting in a tree...

"Tree", as in a directory information tree. Its been slightly over a year since Don and I had a gee whiz moment to front end the directory server with Atom and the Atom Publishing Protocol (APP). A year ago might have been a bit too early for a directory based APP server, though its clearly the right time now. Why?
  • Finally, there's a directory server that is lightweight, very fast (read AND write), and developer friendly - OpenDS
  • The APP spec appears to be close to completion
  • Facilities for search and user authorization are noticeably absent from the APP spec (that's a good thing)
  • DSML (LDAP over XML) is deader than a doornail
  • Think "syndicated databases"; i.e., databases queried, edited and generally mangled via feeds. I know I'm not the only one thinking about it (checkout Google GBase and Yahoo Pipes).


Atom, APP, and OpenDS
  • Atom is a simple, extensible specification that describes lists of related information. In its simplest form it is no more than a blog feed.
  • APP is a web-based protocol for publishing, editing and retrieving web resources; e.g., Atom documents, xhtml, images, podcast episodes, et al. APP relies on tried and true HTTP and ReST interfaces gaining it a distinct advantage over previous attempts. That is, a widely deployed infrastructure, simple to grok, and relatively simple server and client side implementations.
  • OpenDS is an open source, 100% Java directory service

Why is an OpenDS based Atom server interesting?
  • I have yet to see an Atom/APP implementation application that is identity aware. That is, a server that has intrinsic user knowledge with regards to roles, authorization, authentication mechanisms and user relationships
  • Most certainly not file based. Resources posted and fetched are stored in the directory thus enabling synchronization, access control, search, etc.
  • Powerful, ReST search based on LDAP Urls
  • Built on a scalable architecture. Back-ended by OpenDS, front-ended by Glassfish application server, and written atop Java

What can you do with it?
  • "Web 2.0" enable your directory. Atom is easily parsed within a web browser and for that matter any other HTTP agent. Therefore, access to the info rich directory is more accessible to external applications and more easily programmed by the neophyte LDAP developer.
  • Centrally secure, replicate, and backup Atom documents;e.g., blogs in the directory
  • Re-use existing infrastructure and expertise (directory server) to store next gen web content, again, in a secure, scalable fashion
  • Monitor the directory through feeds. A simple search on the OpenDS monitor (/atom/search?q=cn=monitor??sub?) dumps a feed of all significant directory statistics
  • ...

Where can you get it (and contribute to it!)?

Right here, in the first OpenDS sub-project @ http://atom.dev.java.net

Comments:

[Trackback] Trey Drake: wow.  [via Dave Johnson, Bill de hÓra, and James Snell]

Posted by Sam Ruby on May 26, 2007 at 11:15 AM CDT #

the only entity i could think to compare against would be gdata. it doesnt use APP per se, but it does riff off the general RESTiness we see in APP, and it definitely uses a permutation of atom (that i personally think makes a lot of sense). of course, the difference is gdata is the api, and this insane awsomeness is simply a web api on top of an existing ldap infrastructure, which is just fantastic. i unfortuantely dont know nearly enough about managing security in an LDAP environment to be able to hack out data environments in LDAP. LDAP provides many hammers but the net provides extremely little in terms of best practices. i've setup quite a number of ldap databases and although some of them did end up viable, i've never been particularly happy with the implementation. can users do things like create APP workspaces and upload arbitrary data into the directory?

Posted by rektide on May 29, 2007 at 03:57 AM CDT #

We're hoping to fix the "best practices" problem, at least as far as best practices go with OpenDS. You'll find that the users and dev aliases or very responsive. Also checkout www.opends.org/wiki. <hr/> The Atom project does explicitly setup a user workspace and a default set of collections (entry and media) for publishing arbitrary Atom data; e.g., blogs. I'll document it soon, but it should work out of the box. In the future this facility will be configurable. At the moment the workspace is created in a separate bucket directly beneath the user's DN; e.g., ou=workspace,uid=treydrake,ou=people,dc=example,dc=com. See the docs and wiki @ atom.dev.java.net and feel free to post your questions on the Atom mailing list. Thanks! Trey

Posted by Trey Drake on May 29, 2007 at 02:30 PM CDT #

Hi Trey, James McGovern raises an interesting point here - quoting James: "[...] I would love to understand how Directory Servers should be licensed? If by entry, then using as a blog platform would be a bad idea. I hope that Pat Patterson would agree?" I guess the licensing model for OpenDS is still way out on the horizon???

Posted by Pat Patterson on June 22, 2007 at 08:54 AM CDT #

OpenDS is 100% opensource and completely free to extend and deploy. It remains to be seen how Sun and/or other ISVs will price a commercially licensed OpenDS derivative. I believe, correct me if I'm wrong, that the current Sun, commercial offering does provide a per-employee/subscriber pricing model which IMO is compatible with its use as a blog data store.

Posted by Trey Drake on June 25, 2007 at 03:09 AM CDT #

Interesting thing!
This is my first time comment at your blog.
Good recommended website.

Posted by z.l.q on February 22, 2010 at 01:33 PM CST #

Hi Trey
Interesting thing!
This is my first time comment at your blog.
the only entity i could think to compare against would be gdata.

Posted by Satellite TV for PC 2010 on April 13, 2010 at 11:12 PM CDT #

I would love to understand how Directory Servers should be licensed? If by entry, then using as a blog platform would be a bad idea. I hope that Pat Patterson would agree?" I guess the licensing model for OpenDS is still way out on the horizon???

Posted by cartier watch on May 29, 2010 at 09:32 PM CDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

treydrake

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today