This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes EJB and other Java EE Technologies and the fly likes is it possible Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "is it possible" Watch "is it possible" New topic
Author

is it possible

Monarch Bhojani
Ranch Hand

Joined: Feb 27, 2005
Posts: 46
hello sir
i m making on a chat application and it requires a ldap to be used as the directory service. I dont know as to how i would integrate the ldap to my server.

It goes like this when the user logs in his information must be transferred from the server or relative database to the ldap and ldap sould maintain the session of the current user.

Can it be possible and if so then how come??
or is it that user id will have to be passed via ldap for authentication.
how would ldap come into picture and if i m having n open ldap 2.2.23 srver how to onfigure it to make it work or run.

regards
Monarch
Valentin Tanase
Ranch Hand

Joined: Feb 17, 2005
Posts: 704
Hi Monarch,


i m making on a chat application and it requires a ldap to be used as the directory service. I dont know as to how i would integrate the ldap to my server.

The only reason I can see for using an ldap database in your design, is exactly to authenticate the users. The question is: where are the user information permanently stored and maintained? Are they maintained in the RDBMS, or are they maintained in the LDAP, or maybe both? And when I say maintained I don�t necessarily mean that they are maintained by your application. Usually is the sys admin team that updates the database (or ldap), adding or removing users (as they leave the company, get fired or hired, etc.), have backup and recovery strategies, etc. If they are not maintained in LDAP and your company doesn�t need/want to invest the time in doing that (migrating the users from RDBMS to LDAP) then it might be no reason to use LDAP whatsoever.

It goes like this when the user logs in his information must be transferred from the server or relative database to the ldap and ldap sould maintain the session of the current user.

I believe that you are focusing on the details rather than more important design decisions. Let�s see: you want to design a chat application; obviously users need a way to communicate. Obviously you need a middleware service where some user(s) post the messages, some user(s) get the messages. There is no other way for users to communicate, but using this middleman. The question you must answer fist is: what this middleman is?. As far as I can tell the most intuitive answer is also the best: have a Message Oriented Middleware. You can choose any messaging vendor you like: MQSeries, JMS, MSMQ, etc. From my standpoint there are only very few reasons for you to choose another strategy: the company doesn�t need to spend money on new technologies, team�s skill set, etc, but non of them is pure technical. Other choices for your MOM might be:
  • Java RMI
  • Java sockets
  • RDBMS
  • Servlets, or other web technologies


  • But all of them require you to build the MOM layer from scratch. As you can see there is a lot of extra work for building, testing and maintaining your application.

    Can it be possible and if so then how come??

    Yes of course it can. You need JDBC api for getting the records form database and you need another api for updating LDAP entries. No trivial task and involves a lot of coding, testing and (later on) maintenance effort. Besides it doesn�t make much sense though. Why do you need to move the data from database to ldap in the first place anyway? Use only database or use only ldap. How to chose between one and the other depends upon whether the user information are kept into the RDBMS or ldap and how efficient your ldap vs RDBMS is. Finally I have to remind you that using a messaging system will solve these problems right away: users can open/close JMS session and you don�t need to care much about how the server creates or maintains the sessions.

    if i m having n open ldap 2.2.23 srver how to onfigure it to make it work or run.

    About this I hope that other ranchers can provide you good help. I�m not using open ldap and therefore I cannot help you in this matter.
    Regards.


    I think, therefore I exist -- Rene Descartes
    Monarch Bhojani
    Ranch Hand

    Joined: Feb 27, 2005
    Posts: 46
    Hello Sir
    Thanks for ur reply.
    We were told that bcoz the ldap is lightweight protocol it would be a good option to look for.

    It is like we have to transfer the data of the user when he logs in to the ldap from the relational db. And the data within the ldap remains till the user is signed in for the chatting . as soon as he signs out then the session expires and so ldap session also.

    IS it possible to do so?
    or it is necessary to get the user's authentication done using ldap.

    or we should be storing the info abt the user into the ldap as well as
    rel db.or ldap only. what acc to u is good and fast to do

    As far as the messege transfer is concerned we are using servlets as the middleman
    So how this communication from the ldap and rel db take place in the first place

    Regards
    Monarch
    Valentin Tanase
    Ranch Hand

    Joined: Feb 17, 2005
    Posts: 704

    IS it possible to do so?

    Yes it is.

    or it is necessary to get the user's authentication done using ldap.

    It is not necessary. You can use the database if you whish.

    or we should be storing the info abt the user into the ldap as well as
    rel db.or ldap only.

    You can chouse either one or the other. However it doesn�t make much sense to use both. This is what I explained you in my previous posting.

    what acc to u is good and fast to do

    LDAP might be preferred because it provides a very fast access. It is very useful to J2EE applications where authorization and authentication must return very fast. Just imagine the authorization scenarios where clients must be authorized for each method invocation and each resource they access. This must occur within 150-200ms in order for the application to be functional. I remember implementing the security infrastructure for a bank and they chose the database instead, because the number of users and other security related data to store was very big. LDAP could not handle it properly. Again choosing either one of the two is just fine. Choosing both of them might make no sense at all. However this is your minor problem. The real problem, in my opinion is here:

    As far as the messege transfer is concerned we are using servlets as the middleman

    If you�re using swing/AWT to design the GUI, then your application will be a mess. JSP might save you a lot of trouble, but you still have to use the servlets framework in place of a MOM and this is not an easy task and won�t lead you to a nice solution. Either way it will give a hard time to the team that will maintain this application ...

    So how this communication from the ldap and rel db take place in the first place

    You have to develop two frameworks:
    [list = 1]
  • LDAP framework - uses either Sun�s api, or Netscape Directory Server (which was bought by Sun) to create/update/remove/search ldap entries.
  • Database framework � uses JDBC to search your database.

  • [/list]
    Here there is the login use case:
    [list = 1]
  • The system displays a GUI for logging in.
  • The user submits the username & password.
  • The application uses the Database framework in order to validate the user�s credentials against the database (just a trivial select).
  • If the user is authenticated the system uses the LDAP framework to add a new entry to the ldap database that matches the user�s profile.
  • The system displays a successful "signed in" message back to the client.
  • The GUI displays the main page.
  • Now the user can start chatting, etc.

  • [/list]
    Notice that you�ll maintain a unique database, the step 4 won�t be required. Also you'll have to develop, test and maintain two frameworks, instead of only one.
    Regards.
    Monarch Bhojani
    Ranch Hand

    Joined: Feb 27, 2005
    Posts: 46
    hello Sir
    Thanks for ur reply.

    Actually i dint get the point. The ldap would be having the data about the usernames from the beginning only and when the user logs in (authentication done against the entry within the database) and then the name would be checked in for the ldap and logged in message would appear?? is it so?

    So why we need the data within ldap Cant it be possible that the data is just transfered when the user is authenticated using the database

    As far the storage is concerned if ldap holds all the data then would it be possible for the ldap to hold more than 200 entries *what would be the extreme limit??) if tbere is any?

    And as u told to use the JSP. We had used JSP in the earlier projets of ours and so we wanned to use Swing would swing make appl slow or wat??

    And is servlet a better option to use for transfer of the messages ?

    Once again how the process to transfer the names from the database to ldap will take place

    Thanks
    Regards
    Monarch

    I WILL -- Bottomline
    Valentin Tanase
    Ranch Hand

    Joined: Feb 17, 2005
    Posts: 704

    Actually i dint get the point. The ldap would be having the data about the usernames from the beginning only and when the user logs in (authentication done against the entry within the database) and then the name would be checked in for the ldap and logged in message would appear?? is it so?

    Yes you right. If the ldap has the users from the beginning, then you might not need the database, because you will authenticate them against the ldap. For the authentication use case this is the best scenario. Another good scenario would also be to authenticate against the database only, without moving the user�s information to ldap. The only scenario that doesn�t make sense to me is to authenticate against the database and copy the session information to ldap. This won�t buy you much. Better keep them in the database, eventually creating a new USER_SESSION table and forget about ldap.

    So why we need the data within ldap Cant it be possible that the data is just transfered when the user is authenticated using the database

    I imagine that your question is about an automatic way to transfer data from the database to ldap. Like using link tables in database, when the data is moved from one database to another. Well the answer is no, there is no miraculous way to transfer the data from database to ldap (or at least I don�t know any). You can do this only programmatically, writing JDBC code to get the data from database and writing to another ldap api in order to update ldap entry. Maybe now you�ll understand my point why it doesn�t make much sense to maintain these two different APIs, when you can just use only one of the two storage mechanism and maintain only one type of api.

    As far the storage is concerned if ldap holds all the data then would it be possible for the ldap to hold more than 200 entries *what would be the extreme limit??) if tbere is any?

    It will be no problem at all. It can hold much more than that, but when the number of entries is more than several thousand, ldap queries might become very slow. Databases have SQL, query optimizer, query buffering, aggressive caching, etc. and they are very mature and performat. LDAP is a relative new technology and as it stans is a very lightweight database.

    And as u told to use the JSP. We had used JSP in the earlier projets of ours and so we wanned to use Swing would swing make appl slow or wat??

    Swing GUI to Servlets back end, just doesn�t fit. JSP are server side components, hence they run on the server and can access implicit server side objects like HttpRequest/HttpResponse, HttpSession, ServletContext, etc. JSP have a very flexible, natural and follow a strong OOP model. In contrast your Swing GUI needs to get back the stream as it comes from the servlet, usually in html format. Next the GUI needs to parse this stream and fill up the swing components with the data from your html stream. This is a tremendous amount of extra-work and doesn�t follow an OOP approach. Even worse, this will be hard to maintain and from a design standpoint makes no sense whatsoever.

    And is servlet a better option to use for transfer of the messages ?

    No it's not. Actually I cannot think of any worse one. In a messaging system you need at least a producer and a consumer. While the producer is relatively easy to implement, the consumer is not quite so. A consumer can either poll or push the data. Therefore you�ll have two option (at least theoretically):
  • Have your GUI client checking the server for messages every 1,2,3,... minutes (this is the polling model).
  • Have your servlet sending the message back to your GUI client, after receiving it (this is the pushing model)


  • Without getting into any details, I�ll tell you that the second option is almost always preferred. This is actually how a truly messaging system works. The only problem here is that I can�t see how this could be achieved with servlets. My guess is that it will either never work, or it will be too complex. So you�ll end up implementing 1, which is neither a very nice nor very optimal solution.

    Once again how the process to transfer the names from the database to ldap will take place

    I think I answered you to this question. However there is one more hint I can give you. If you need a way to transfer your users from database to ldap you might use a third party tool, like openadaptor. This is free an you might download it form
    http://www.openadaptor.org
    Regards.
    Monarch Bhojani
    Ranch Hand

    Joined: Feb 27, 2005
    Posts: 46
    Hello Sir
    Thank you once again for ur reply.

    As u have told that second option about the transfer that u have suggested that only we are using right now.

    Our spec was to use LDAP as well as DB (where ldap is a must)Then 2 questions arise

    1 If we discard using the rel db then how to proceed

    2 If we discard using the ldap then as we were told how to maintain the session as rel db would be a hard choice acc to the people who have offered us a project??? would it be so??

    The thing we have done till now is that we have designed all th client part and have continued with the one to one communication between the users

    But actually the servlet is able to get the string from the client 1
    but the same is not being succesfully delivered to the client 2.

    If we do polling and it is also performed successfully then how to know that which is the intended client to send the message.??

    you must have used yahoo messenger . it displays the informaion about 1 client to the another when they are having the conversation.
    so when if using the ldap i transfer the information from onw user to the another one.if at all we use ldap.

    But when using Rel db how to maintain the session i m confused.

    By the way Sir would u mind if i use ur punch line
    I think therefore I exist--

    Thanks
    Regards
    Monarch
    Valentin Tanase
    Ranch Hand

    Joined: Feb 17, 2005
    Posts: 704
    Hi Monarch,

    I have a strong feeling that you might not understand completely my answers, or I might not understand very well your questions. Please understand that English is my second language and this could lead to language barriers. Please try to address your question to people that could help you much better than I can do.
    Regards.
    Monarch Bhojani
    Ranch Hand

    Joined: Feb 27, 2005
    Posts: 46
    Hello Sir
    What happened
    I had just asked few questions regarding my project
    If any thing is wrong then I would write it once again or is it like that i m asking u too many questions thats the reason u don want to reply.

    May be ???

    Regards
    Monarch
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: is it possible
     
    Similar Threads
    LDAP authentication
    is it possible through LDAP ??
    JndiLoginModule and user bind?
    Tomcat and LDAP.
    OpenLDAP installation on windows