Directory Proxy Server (Sun Java System Directory Server Enterprise Edition 6.2 Deployment Planning Guide)

Sun Java System Directory Server Enterprise Edition 6.2 Deployment Planning Guide

Directory Proxy Server

Directory Proxy Server is an LDAP application-layer protocol gateway. It is designed to deliver enhanced directory access control, schema compatibility, and high availability.

Directory Proxy Server and Availability

With features such as configurable load balancing, failover, and failback, Directory Proxy Server ensures that systems have access to required data.

Directory Proxy Server works with Directory Server to ensure reliability and to protect against denial-of-service attacks. Directory Proxy Server automatically routes requests appropriately and provides secure firewall-like services for Directory Server.

To prevent a single point of failure for mission-critical applications, Directory Proxy Server detects outages and routes traffic around affected areas, effectively load balancing requests across systems. When the affected areas are restored to operation, Directory Proxy Server detects the restored servers automatically.

For more information, see Using Directory Proxy Server as Part of a Redundant Solution.

Directory Proxy Server and Security

Directory Proxy Server accommodates large numbers of users who are accessing the directory and minimizes the security risks associated with providing this level of access. Security features enable administrators to determine where a request is coming from, whether the request is allowed, and what type of authentication is required. In the event of a search request, Directory Proxy Server can also ensure that the request meets minimum requirements.

Directory Proxy Server uses groups to define how to identify an LDAP client and what restrictions to enforce on clients that match a particular group. Groups can be defined using a variety of criteria.

To protect private directory information from unauthorized access, Directory Proxy Server can configure a fine-grained access control policy on LDAP directories. Such a policy can include controlling who can perform different types of operations on different parts of directories. Directory Proxy Server can be configured to prevent certain kinds of operations typically performed by web trawlers and robots in search of information.