features to look up arbitrary data for domains. These features are not used often
because standard DNS has no authentication and authorization controls.
Information in DNS is, inherently, public information.
21.3.2.2 Filesystems
The UNIX filesystems, NTFS, FAT, and other filesystems provide name-to-data mappings that are compatible with JNDI. When they are combined with networked filesystems, such as SMB, CIFS, NFS, and even rsync and FTP, files can be made available over the network through JNDI.
21.3.2.3 LDAP
LDAP is the “Lightweight Directory Access Protocol.” There is an old joke that a platypus is a swan put together by a committee. If that is so, then it often seems that LDAP is the platypus of name and directory services.
To be fair, LDAP has the heavy burden that goes with any standards that are produced by a large committee-driven process. It has to try to be all things to all people. LDAP is a query and transport protocol specification of the ISO X.500 naming and directory service standard. [4] Like other ISO and ANSI standards, the specification is robust to the point of uselessness. LDAP is designed to allow every possible name system in the Universe to be subsumed into a single, uniquely addressable Directory Information Tree. Every entry in LDAP has a distinguished name, which is an unambiguous specification of the name from the root of the tree. So far, this is like the other naming systems. There is a root, there are nodes at each layer, and then, at the bottom, there is data. What makes X.500 and LDAP different is that each node consists of not just a name, but of a type/name pair. An example of an LDAP name might be:
url=http://www.multitool.net/,cn=M. Schwarz,o=MAS Consulting,st=MN,c=us
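The type/name pairs in the name above can be read out with the JDK's javax.naming.ldap.LdapName. This is an added example, not code from the book; the class DnPairs, its two helper methods and the value "Schwarz, M." are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class DnPairs {
    // Return the type/name pairs of a distinguished name, ordered from the
    // root of the Directory Information Tree down to the entry itself.
    static List<String> pairsFromRoot(String dn) throws InvalidNameException {
        LdapName name = new LdapName(dn);
        List<String> pairs = new ArrayList<>();
        // getRdns() is indexed from the rightmost component, which is the
        // one closest to the root, so plain iteration walks root to leaf.
        for (Rdn rdn : name.getRdns()) {
            pairs.add(rdn.getType() + " -> " + rdn.getValue());
        }
        return pairs;
    }

    // Add one node below a fixed base. The value is passed to Rdn as raw
    // data, so a comma or '=' inside it is escaped when the name is printed
    // and cannot be read back as an extra level of the tree.
    static String childDn(String base, String type, String value)
            throws InvalidNameException {
        LdapName name = new LdapName(base);
        name.add(new Rdn(type, value));
        return name.toString();
    }

    public static void main(String[] args) throws InvalidNameException {
        // The example name from the text.
        String dn = "url=http://www.multitool.net/,cn=M. Schwarz,"
                  + "o=MAS Consulting,st=MN,c=us";
        for (String pair : pairsFromRoot(dn)) {
            System.out.println(pair);
        }

        // Constructed value containing a comma, the DN separator.
        String child = childDn("o=MAS Consulting,st=MN,c=us", "cn", "Schwarz, M.");
        System.out.println(child);
        // Re-parsing shows the value stayed a single node: base (3) + 1.
        System.out.println(new LdapName(child).size() + " components");
    }
}
```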
4. If you are dying to know, X.500 is a naming and directory services standard from the International Standards Organization (ISO), an international technical standards body. X.500 has a transport and query protocol specification of its own, but it uses the ISO OSI (Open Systems Interconnection) network protocol standard. OSI is rarely used because TCP/IP took off first and has been hacked and hacked again to keep it alive and well. At one time, it looked like IP address space limitations would push the world to OSI protocols, but hacks like CIDR, private subnets, and now the (less hackish) IPv6 make it look like TCP/IP will be here for quite a while. In a sense, then, LDAP is X.500 over TCP/IP. Or, to put it another way, LDAP is a TCP/IP implementation of ISO X.500.