JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Directory Server Enterprise Edition Reference 11 g Release 1 (
search filter icon
search icon

Document Information


1.  Directory Server Enterprise Edition File Reference

Software Layout for Directory Server Enterprise Edition

Directory Server Instance Default Layout

Directory Proxy Server Instance Default Layout

Part I Directory Server Reference

2.  Directory Server Overview

3.  Directory Server LDAP URLs

4.  Directory Server LDIF and Search Filters

5.  Directory Server Security

6.  Directory Server Monitoring

7.  Directory Server Replication

8.  Directory Server Data Caching

9.  Directory Server Indexing

10.  Directory Server Logging

11.  Directory Server Groups and Roles

12.  Directory Server Class of Service

13.  Directory Server DSMLv2

14.  Directory Server Internationalization Support

Part II Directory Proxy Server Reference

15.  Directory Proxy Server Overview

Introduction to Directory Proxy Server

Directory Proxy Server Architecture

Overview of Directory Proxy Server Features

16.  Directory Proxy Server Load Balancing and Client Affinity

17.  Directory Proxy Server Distribution

18.  Directory Proxy Server Virtualization

19.  Connections Between Directory Proxy Server and Backend LDAP Servers

20.  Connections Between Clients and Directory Proxy Server

21.  Directory Proxy Server Client Authentication

22.  Security in Directory Proxy Server

23.  Directory Proxy Server Logging

24.  Directory Proxy Server Alerts and Monitoring


Directory Proxy Server Architecture

This section briefly presents the new Directory Proxy Server architecture and what is new compared to 5.2. Its aim is to help you understand why literal translation of some 5.2 configuration attributes is not possible.

A Directory Proxy Server instance proxies client application requests to data sources through data views. Data sources and pools of data sources correspond to load balanced groups from 5.2.

Data views, however, are new. They do not correspond to anything present in 5.2. Fundamentally Directory Proxy Server handles incoming connections individually, assigning a connection handler when the connection is opened, and reassigning a connection handler upon rebind when the bind identity changes.

The connection handler gives Directory Proxy Server a set of policy rules for making decisions about what to do with operations requested through a given connection. Connection handlers correspond roughly to network groups in 5.2, yet whereas network groups are configured to use load balanced groups directly.

Directory Proxy Server uses connection handlers mainly to determine policies about a connection, so it can take appropriate decisions about operations performed on that connection. For example, if a connection handler is configured to prevent write operations on a certain connection, Directory Proxy Server can use that property of the policy to short circuit evaluations concerning write operation requests on that connection. In this case, the appropriate errors are returned to the client as soon as Directory Proxy Server has decoded the operation.

LDAP operations on a connection are handled in Directory Proxy Server first through data views. Data views enable Directory Proxy Server to perform DN-based routing. In other words, operations concerning one set of data can be sent to one set of data sources, and operations concerning another set of data can be sent elsewhere. This new architectural form seems unnecessary when you look at it from the point of view of reproducing a 5.2 configuration. Yet data views become indispensable when you want to distribute different directory data across various directories, or when you want to recover different data from disparate data sources to present a virtual directory view of those sources to a client application.

Data views therefore enable Directory Proxy Server to select the data sources via a data source pool to handle the LDAP operation. Data source pools, which correspond to 5.2 load balanced groups, represent sets of data sources each holding equivalent data. A pool defines the load balancing and failover management that Directory Proxy Server performs to spread load across different data sources. As load balancing is performed per operation, the balancing itself is by nature operation based.

Data sources can be understood as sources of data for reads, and sinks of data for writes. Directory Proxy Server handles the following kinds of data sources:

Directory Proxy Server 5.2 was essentially a connection based router. In Directory Proxy Server 5.2, a client connection was routed to a directory server. All requests from that client connection were sent to the same directory server until the connection was broken. For compatibility, Directory Proxy Server can be configured to behave in a similar way to Directory Proxy Server 5.2. For information about how to configure this, see Configuring Directory Proxy Server as a Connection Based Router in Oracle Directory Server Enterprise Edition Administration Guide. For information about how to migrate to this version of Directory Proxy Server, see the Oracle Directory Server Enterprise Edition Upgrade and Migration Guide.