Oracle® Internet Directory Application Developer's Guide 10g (9.0.4) Part Number B10461-01 |
|
This appendix contains the following sections:
Directory services form a core part of distributed computing. XML is becoming the standard markup language for Internet applications. As directory services are brought to the Internet, there is a pressing and urgent need to express the directory information as XML data. This caters to the growing breed of applications that are not LDAP-aware yet require information exchange with a LDAP directory server.
Directory Services Mark-up Language (DSML) defines the XML representation of LDAP information and operations. The LDAP Data Interchange Format (LDIF) is used to convey directory information, or a set of changes to be applied to directory entries. The former is called Attribute Value Record and the latter is called Change Record.
Using DSML with Oracle Internet Directory and Internet applications makes it easier to flexibly integrate data from disparate sources. Also, DSML enables applications that do not use LDAP to communicate with LDAP-based applications, easily operating on data generated by an Oracle Internet Directory client tool or accessing the directory through a firewall.
DSML is based on XML,which is optimized for delivery over the Web. Structured data in XML will be uniform and independent of application or vendors,thus making possible numerous new flat file type synchronization connectors. Once in XML format, the directory data can be made available in the middle tier and have more meaningful searches performed on it.
A DSML version 1 document describes either directory entries, a directory schema or both. Each directory entry has a universally unique name called a distinguished name (DN). A directory entry has a number of property-value pairs called directory attributes. Every directory entry is a member of a number of object classes. An entry's object classes constrain the directory attributes the entry can take. Such constraints are described in a directory schema, which may be included in the same DSML document or may be in a separate document.
The namespace
URI [9] of DSMLv1 is http://www.dsml.org/DSML
. All the XML element tags may be prefixed with dsml
string. (that is, a namespace
prefix).
The following subsections briefly explain the top-level structure of DSML and how to represent the directory and schema entries.
The top-level document element of DSML is of the type dsml
, which may have child elements of the following types:
directory-entries directory-schema
The child element directory-entries may in turn have child elements of the type entry. Similarly the child element directory-schema may in turn have child elements of the types class and attribute-type.
At the top level, the structure of a DSML document is thus:
<dsml:dsml xmlns:dsml=http://www.dsml.org/DSML>
<!- a document with directory & schema entries -->
<dsml:directory-entries>
<dsml:entry dn="...">...</dsml:entry>
.....
</dsml:directory-entries>
......
<dsml:directory-schema>
<dsml:class id="..." ...>...</dsml:class>
<dsml:attribute-type id="..." ...>...</dsml:attribute-type>
........... </dsml:directory-schema>
</dsml:dsml>
The element type entry
represents a directory entry in a DSML document. The entry
element contains elements representing the entry's directory attributes. The distinguished name of the entry is indicated by the XML attribute dn
.
XML entry to describe the directory entry is as follows
<dsml:entry dn="uid=Heman, c=in, dc=oracle, dc=com"> <dsml:objectclass>
<dsml:oc-value>top</dsml:oc-value>
<dsml:oc-value ref="#person">person</dsml:oc-value>
<dsml:oc-value>organizationalPerson</dsml:oc-value>
<dsml:oc-value>inetOrgPerson</dsml:oc-value>
</dsml:objectclass> <dsml:attr name="sn">
<dsml:value>Siva</dsml:value></dsml:attr>
<dsml:attr name="uid">
<dsml:value>Heman</dsml:value></dsml:attr>
<dsml:attr name="mail">
<dsml:value>Svenugop@Oracle.com</dsml:value></dsml:attr>
<dsml:attr name="givenname">
<dsml:value>Siva V. Kumar</dsml:value></dsml:attr>
<dsml:attr name="cn">
<dsml:value>Siva Kumar</dsml:value></dsml:attr>
The oc-value's ref
is a URI Reference to a class element that defines the object class. In this case it is a URI [9] Reference to the element that defines the person
object class. The child elements objectclass
and attr
is used to specify the object classes and the attributes of a directory entry.
The element type class
represents a schema entry in a DSML document. The class
element takes an XML attribute id
to make referencing easier.
For example, the object class definition for the person
object class might look like the following:
<dsml:class id="person" superior="#top" type="structural"> <dsml:name>person</dsml:name>
<dsml:description>...</dsml:description>
<dsml:object-identifier>2.5.6.6</object-identifier>
<dsml:attribute ref="#sn" required="true"/>
<dsml:attribute ref="#cn" required="true"/>
<dsml:attribute ref="#userPassword" required="false"/>
<dsml:attribute ref="#telephoneNumber" required="false"/>
<dsml:attribute ref="#seeAlso" required="false"/>
<dsml:attribute ref="#description" required="false"/> </dsml:class> In a similar way the directory attributes are also described. For example the attribute definition for thecn
attribute may look like the following: <dsml:attribute-type id="cn"> <dsml:name>cn</dsml:name>
<dsml:description>...</dsml:description>
<dsml:object-identifier>2.5.4.3</object-identifier>
<dsml:syntax>1.3.6.1.4.1.1466.115.121.1.44</dsml:syntax> </dsml:attribute-type>
With the XML framework, you can now use non-ldap applications to access directory data. The XML framework broadly defines the access points and provides the following tools:
The Oracle Internet Directory client tools ldifwrite
generates directory data and schema LDIF files. If these LDIF files are converted to XML, then the XML file can be stored on an application server and queried. The response time to the client will be much less in this scenario compared to performing an LDAP operation as against an LDAP server.
|
![]() Copyright © 1999, 2003 Oracle Corporation. All Rights Reserved. |
|