CN101335742B - Directory access system and method under lightweight directory access protocol - Google Patents
Directory access system and method under lightweight directory access protocol Download PDFInfo
- Publication number
- CN101335742B CN101335742B CN2007101178406A CN200710117840A CN101335742B CN 101335742 B CN101335742 B CN 101335742B CN 2007101178406 A CN2007101178406 A CN 2007101178406A CN 200710117840 A CN200710117840 A CN 200710117840A CN 101335742 B CN101335742 B CN 101335742B
- Authority
- CN
- China
- Prior art keywords
- ldap
- response results
- client
- operation requests
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The invention provides a system and a method for accessing the directory under a Lightweight Directory Access Protocol (LDAP), wherein, the system comprises a client and a server; the client is used for sending out an operational request by adopting an asynchronous call mode and temporarily storing the response result of the operational request returned in a buffer zone when carrying out operation to a directory information tree; the server is connected with the server by an LDAP API and used for accepting the operational request sent out by the client, implementing and returning the response result which is marked by the information serial number corresponding to operational request; wherein, the client also includes a response result checking module which is used for recording the information series number of an operational request or a plurality of operational requests and checking whether the response results of the operational requests corresponding to the information series number recorded are returned completely; if so, the response results should be reported; if not, rechecking should be carried out in the buffer zone; if the check overtimes, then the timeout error should be returned to.
Description
Technical field
The present invention relates to LDAP (Lightweight Directory Access Protocol, LDAP) system and method for visit catalogue under is particularly relevant for improving one's methods that LDAP_Result interface among the LDAP client protocol RFC1823 is realized.
Background technology
LDAP is a standard that is used to visit directory service, extendible internet agreement.Part is based on standard X.500, but simpler, more refining, and extensibility is better.
The ldap protocol notion that this paper relates to comprises:
1) catalogue: Directory deposits the information of object, and these information are described each object in detail with certain sequential organization.
2) directory information tree: DIT, Directory Information Tree, the set of catalogue entry has constituted directory information tree.
3) clauses and subclauses: Entry, a node in the directory information tree is the set of an object information, is unit the most basic in the directory information, comprises a series of attributes of this object.
4) attribute: Attribute, the feature of attribute description object.An attribute is by attribute type (type) and one or more property value.
As shown in Figure 1, the DIT structure of a simplification.This DIT has three layers, and ground floor is the root of DIT, represents Chinese C=CN.Two clauses and subclauses of the second layer are represented two O=XXX of company and O=YYY.Four clauses and subclauses in the 3rd layer the left side represent that there are four office workers in XXX company, are respectively Zhang, Wang, Li, Cheng.The specific object of each clauses and subclauses is unlisted.
As shown in Figure 2, LDAP client 100 is for mutual with ldap server end 200, finish storage and the visit of DIT, LDAP client 100 need comprise LDAP operation layer 110 (client application part) and LDAP adaptation layer 130, and both are interface with LDAP API120.LDAP adaptation layer 130 provides the realization of the API (Application Programming Interface, application programming interfaces) of standard, and LDAP client 100 is called api interface 120 and finished visit to ldap server end 200.
In RFC1823, defined the api interface 120 of the visit ldap server end 200 of C linguistic form.LDAP client 100 and ldap server end 200 basic interaction flows comprise:
1. connect
2. bind and purview certification
3. client initiation additions and deletions are looked into and are changed operation
4. client is checked the response results of server end
5. client is initiated subsequent operation.
6. client is closed connection
The 3rd step related to the present invention and the 4th step are only described herein.Client 100 initiation increases (calling the ldap_add interface)/deletion (calling the ldap_delete interface)/when revising (calling the ldap_modify interface) operation, can use synchronization call interface or asynchronous call interface.The present invention only relates to the improvement to the asynchronous call interface, therefore only describes the definition of RFC1823 to the asynchronous call interface.(being simple the description, is example with the ldap_add interface, but ldap_modify and ldap_delete same treatment) ldap_add interface definition is as follows:
int?ldap_add(LDAP*ld,char*dn,LDAPMod*attrs[]);
After client 100 is called this interface, can obtain the return value of a shaping, we are referred to as message SN msgid.Owing to be asynchronous call, need client 100 regularly to call the result that LDAP_Result interface check server end returns.The LDAP_Result interface definition is as follows:
int?ldap_result(
LDAP *ld,
int msgid,
int all,
struct?timeval?*timeout,
LDAPMessage **res
);
Wherein msgid goes into ginseng and is the return value that LDAP_ADD is called in the front.Whether LDAP_Result interface customer inspection server end 200 has returned the response of corresponding msgid.
As shown in Figure 3, with DIT among Fig. 1 is example, be LDAP client 100 flow process (to increase clauses and subclauses is example, is equally applicable to revise and the deletion clauses and subclauses) " Zhang " and " Wang " two office workers, comprise the steps: in order to increase XXX company to server end 200 increase clauses and subclauses
Step 301, LDAP client 100 is called the ldap_add interface, increases clauses and subclauses request (increasing office worker Zhang) to server end 200 asynchronous transmissions, and this operation requests indicates with msgid=1.LDAP client 100 obtains control, but whether do not know to increase entry operation this moment successful.
Step 302-a, ldap server end 200 is handled and is increased the clauses and subclauses request, and result is returned to LDAP client 100, indicates response results with msgid=1, and this response results temporarily is kept in the buffer area of LDAP client;
Step 302-b, LDAP client 100 is regularly called the ldap_result interface, checks whether local buffer obtains the response of the corresponding msgid=1 that server end 200 returns.If meet with a response, then carry out subsequent treatment according to response results.(be assumed to be increases successfully herein)
Step 303, LDAP client 100 is called the ldap_add interface, increases clauses and subclauses request (increasing office worker Wang) to server end 200 asynchronous transmissions, and this operation requests indicates with msgid=2.The LDAP client obtains control, but whether do not know to increase entry operation this moment successful.
Step 304-a, ldap server end 200 is handled and is increased the clauses and subclauses request, and result is returned to LDAP client 100, indicates response results with msgid=2, and this response results temporarily is kept in the buffer area of LDAP client 100;
Step 304-b, LDAP client 100 is regularly called the ldap_result interface, checks whether local buffer obtains the response of the corresponding msgid=2 that server end 200 returns.If meet with a response, then carry out subsequent treatment according to response results.(be assumed to be increases successfully herein)
We can see that LDAP_Result has been called twice in this invoked procedure.If we need increase all employees of XXX company, then LDAP_Result can be called four times.LDAP_Result calls at every turn, and an of short duration time-delay all can be arranged, and this delay time is gone into the ginseng definition by struct timeval*timeout.Therefore as can be seen, if the LDAP_Result call number is too much, can influence the handling property of LDAP client.
Summary of the invention
For addressing the above problem, the objective of the invention is to propose the system and method for visit catalogue under a kind of LDAP, call repeatedly problem to solve LDAP_Result.
For realizing the problems referred to above, the invention provides the system of visit catalogue under a kind of LDAP, comprising:
Client when being used for directory information tree operated, adopts the asynchronous call mode, the transmit operation request, and the response results of this operation requests that will return is temporarily stored in the buffering area;
Server end is connected by LDAP program application interface with this client, is used to accept this operation requests that this client sends, and carries out and return response results, and the message SN of this response results with the respective operations request indicated;
Wherein, this client further comprises:
One response results is checked module, be used to write down the message SN of the one or more operation requests that will check, in this buffering area, check that whether the response results of the operation requests corresponding with institute recording messages sequence number is all returned, and as if all returning, then reports response results, if all do not return, then rechecking in this buffering area if inspection is overtime, is then returned time-out error.
The system of visit catalogue under the above-mentioned LDAP, wherein, this response results checks that module is the LDAP_ResultEx interface.
The system of visit catalogue under the above-mentioned LDAP, wherein, this LDAP_ResultEx interface further comprises: an elongated array is used to write down a plurality of message SNs.
The system of visit catalogue under the above-mentioned LDAP, wherein, this LDAP_ResultEx interface further comprises: a parameter is used to indicate the quantity of the message SN that is write down.
The system of visit catalogue under the above-mentioned LDAP, wherein, this LDAP_ResultEx further comprises: another elongated array is used to write down the response results of a plurality of operation requests.
The system of visit catalogue under the above-mentioned LDAP, wherein, this client further comprises:
Operation layer is used to receive this response results that reports, according to the response results of each corresponding operation requests of this message SN identification.
For achieving the above object, the present invention also provides the method for visit catalogue under a kind of LDAP, wherein, comprising:
Step 1, client is carried out a plurality of increase clauses and subclauses to directory information tree, when deleting clauses and subclauses and/or revising the operation of clauses and subclauses, adopts the asynchronous call mode, sends a plurality of operation requests, and writes down the message SN of the one or more operation requests that will check;
Step 2, server end be to these a plurality of operation requests, and concurrent execution, and with the response results of each operation requests indicates with the message SN of respective operations request, and asynchronous this client that returns to is stored in the buffering area of this client;
Step 3 in this buffering area, checks whether the response results of the operation requests corresponding with institute recording messages sequence number is all returned, if all return, then reports response results, as if all not returning then rechecking in this buffering area.
The method of visit catalogue under the above-mentioned LDAP, wherein, this step 3 further comprises:
If in this buffering area, check the time of this response results, surpass the scheduled time, then return the step of time-out error.
The method of visit catalogue under the above-mentioned LDAP, wherein, this step 3 further comprises:
What will be checked through in this buffering area carries out record with this message SN corresponding response result, after all the corresponding response outcome record finishes, sends the step of this response results to operation layer.
The method of visit catalogue under the above-mentioned LDAP wherein, further comprises after this step 3:
After this operation layer receives this response results that reports, according to the response results of each corresponding operation requests of this message SN identification.
The present invention proposes the definition of expansion LDAP_Result interface parameters, can solve the problem that above-mentioned LDAP_Result need repeatedly call, improve the handling property of LDAP client.
Description of drawings
Fig. 1 is the DIT schematic diagram of LDAP;
Fig. 2 is a system configuration schematic diagram of supporting directory access under the ldap protocol in the prior art;
Fig. 3 is a LDAP client call schematic flow sheet in the prior art;
Fig. 4 is the structural representation of system of the present invention;
Fig. 5 is the LDAP client call schematic flow sheet after the present invention improves.
Embodiment
The present invention is further detailed explanation below in conjunction with the drawings and specific embodiments.
As shown in Figure 3, ldap protocol of the present invention is visited the system schematic of catalogue down.This system comprises: LDAP client 100, ldap server end 200, wherein LDAP client 100 is used for DIT is carried out a plurality of increase clauses and subclauses, when deleting clauses and subclauses and/or revising the operation of clauses and subclauses, adopt the asynchronous call mode, the transmit operation request, and the response results of described operation requests is temporarily stored in the buffering area;
This LDAP client 100 further comprises: a response results is checked module 140, be used to write down the message SN that a plurality of clients 100 are sent to the operation requests of server end 200, in buffering area, whether the message SN corresponding response result of inspection and described record all returns, if all return, then reports response results, if all do not return, then rechecking in buffering area up to overtime, and is returned mistake.
This response results checks that module 140 is: the LDAP_ResultEx interface is the expansion to the LDAP_Result interface.The change point of expansion comprises: will go into to join msgid and be defined as the many-valued ginseng of going into, for example, elongated array int msgid[], and newly-increased parameter m sgnum represents the quantity of the msgid of needs inspection.To go into to join res and be defined as elongated array LDAPMessage
*Res[].
The principle that LDAP_ResultEx realizes is: according to elongated array msgid[] in each msgid, in the client buffer district, seek the response of whether having returned.If returned response then response results be filled up in the corresponding res array.If response is all found in msgnum request from buffering area, then return success.Otherwise repeat to search buffering area, arrive, return time-out error up to the timeout time of regulation.
The present invention also provides the method for visit catalogue under a kind of LDAP, may further comprise the steps:
(1) LDAP client 100 increase/delete for doing with a plurality of Entry of layer in the DIT tree/when changing, adopt the asynchronous call mode, the transmit operation request.And write down the sequence number msgid of each request.
(2) a plurality of operation requests of sending of 200 pairs of LDAP clients of ldap server end 100, concurrent execution, and be sign with the response results of each operation requests with separately msgid, the asynchronous LDAP client 100 that returns to.
(3) LDAP client 100 provides buffering area, the response results of a plurality of operation requests that caching server end 200 returns.
(4) operation layer 110 calls LDAP_ResultEx checks each operation requests in buffering area response results, and specifying in going into ginseng needs of inspection and a plurality of operation requests, is the sign of each request with msgid.
(5) the LDAP client 100 msgid array of utilizing LDAP_ResultEx to go into appointment in the ginseng searches in buffering area separately whether the corresponding response result exists.If all response results are all returned, LDAP client 100 recording responses results are to the res array, and return operation layer LDAP_ResultEx and call the result.Otherwise LDAP client 100 rechecking buffering areas all return up to response results, if surpass the scheduled time, then return time-out error.
(6) operation layer 110 is checked the res array, according to the response results of corresponding each operation requests of msgid identification.
As shown in Figure 5, among the present invention LDAP user end to server end is increased the improvement of the flow process (to increase clauses and subclauses is example, is equally applicable to revise and the deletion clauses and subclauses) of clauses and subclauses, may further comprise the steps.
Step 501, LDAP client 100 is called the ldap_ interface, increases clauses and subclauses request (increasing the office worker) to the server end asynchronous transmission, and this operation requests indicates with msgid=1.The LDAP client obtains control, but whether do not know to increase entry operation this moment successful.
Step 502, LDAP client 100 is called the 1dap_add interface, increases clauses and subclauses request (increasing office worker Wang) to server end 200 asynchronous transmissions, and this operation requests indicates with msgid=2.The LDAP client obtains control, but whether do not know to increase entry operation this moment successful.
Step 503a, two operation requests that 200 pairs of LDAP clients of ldap server end 100 send, concurrent execution, and be sign with each request results with separately msgid (1 and 2), the asynchronous LDAP client 100 that returns to.
In sum, adopt the inventive method, for needs to increasing, delete with one deck clauses and subclauses among the DIT and/or when revising, the available server end 200 concurrent processing abilities that make full use of.Reduce the call number of LDAP_Result, improve the handling property of LDAP client 100.
Certainly; the present invention also can have other various embodiments; under the situation that does not deviate from spirit of the present invention and essence thereof; being familiar with those of ordinary skill in the art ought can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
Claims (10)
1. the system of visit catalogue under the LDAP comprises:
Client when being used for directory information tree operated, adopts the asynchronous call mode, the transmit operation request, and the response results of the described operation requests that will return is temporarily stored in the buffering area;
Server end, be connected by LDAP program application interface with described client, be used to accept the described operation requests that described client sends, carry out and return response results, the message SN of described response results with the respective operations request indicated;
It is characterized in that described client further comprises:
One response results is checked module, be used to write down the message SN of the one or more operation requests that will check, in described buffering area, check that whether the response results of the operation requests corresponding with institute recording messages sequence number is all returned, and as if all returning, then reports response results, if all do not return, then rechecking in described buffering area if inspection is overtime, is then returned time-out error.
2. the system of visit catalogue is characterized in that under the LDAP according to claim 1, and described response results checks that module is the LDAP_ResultEx interface, and described LDAP_ResultEx interface is the expansion to the LDAP_Result interface.
3. the system of visit catalogue under the LDAP according to claim 2, it is characterized in that described LDAP_ResultEx interface further comprises: an elongated array is used to write down a plurality of message SNs.
4. according to the system of visit catalogue under claim 2 or the 3 described LDAPs, it is characterized in that described LDAP_ResultEx interface further comprises: a parameter is used to indicate the quantity of the message SN that is write down.
5. the system of visit catalogue under the LDAP according to claim 4 is characterized in that described LDAP_ResultEx further comprises: another elongated array is used to write down the response results of a plurality of operation requests.
6. the system of visit catalogue under the LDAP according to claim 1 is characterized in that described client further comprises:
Operation layer is used to receive the described response results that reports, according to the response results of each corresponding operation requests of described message SN identification.
7. the method for visit catalogue under the LDAP is characterized in that, comprising:
Step 1, client is carried out a plurality of increase clauses and subclauses to directory information tree, when deleting clauses and subclauses and/or revising the operation of clauses and subclauses, adopts the asynchronous call mode, sends a plurality of operation requests, and writes down the message SN of the one or more operation requests that will check;
Step 2, server end be to described a plurality of operation requests, and concurrent execution, and with the response results of each operation requests indicates with the message SN of respective operations request, asynchronously returns to described client, is stored in the buffering area of described client;
Step 3 in described buffering area, checks whether the response results of the operation requests corresponding with institute recording messages sequence number is all returned, if all return, then reports response results, as if all not returning then rechecking in described buffering area.
8. the method for visit catalogue under the LDAP according to claim 7 is characterized in that described step 3 further comprises:
If in described buffering area, check the time of described response results, surpass the scheduled time, then return the step of time-out error.
9. the method for visit catalogue under the LDAP according to claim 7 is characterized in that described step 3 further comprises:
What will be checked through in described buffering area carries out record with described message SN corresponding response result, after all the corresponding response outcome record finishes, sends the step of described response results to operation layer.
10. the method for visit catalogue is characterized in that under the LDAP according to claim 9, further comprises after the described step 3:
After described operation layer receives the described response results that reports, according to the response results of each corresponding operation requests of described message SN identification.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101178406A CN101335742B (en) | 2007-06-25 | 2007-06-25 | Directory access system and method under lightweight directory access protocol |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101178406A CN101335742B (en) | 2007-06-25 | 2007-06-25 | Directory access system and method under lightweight directory access protocol |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101335742A CN101335742A (en) | 2008-12-31 |
| CN101335742B true CN101335742B (en) | 2011-09-21 |
Family
ID=40198049
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101178406A Expired - Fee Related CN101335742B (en) | 2007-06-25 | 2007-06-25 | Directory access system and method under lightweight directory access protocol |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101335742B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102834823B (en) * | 2010-02-11 | 2017-07-28 | 瑞典爱立信有限公司 | Data management at catalog data base |
| CN102130954A (en) * | 2011-03-17 | 2011-07-20 | 华为技术有限公司 | Method and device for transmitting data resources |
| CN102402614B (en) * | 2011-12-21 | 2013-10-23 | 山东中创软件商用中间件股份有限公司 | Cross-domain data analysis method and system for directory service |
| CN102938763B (en) * | 2012-11-09 | 2015-11-25 | 北京奇虎科技有限公司 | The application connecting system of network application access network operation platform and method |
| CN104753981B (en) * | 2013-12-27 | 2018-11-13 | 全优玲 | The method for handling network request |
| CN104243552B (en) * | 2014-08-19 | 2017-09-15 | 天津南大通用数据技术股份有限公司 | The method of express statistic catalogue subtree entry number based on LDAPV3 agreements |
| CN108287706B (en) * | 2017-05-10 | 2021-09-14 | 腾讯科技(深圳)有限公司 | Data processing method and device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1300011A (en) * | 1999-12-14 | 2001-06-20 | 国际商业机器公司 | Identification name automatic searching method and system thereof |
| CN1946099A (en) * | 2006-10-20 | 2007-04-11 | 华为技术有限公司 | System for realizing telephone book and method for obtaining telephone book resource |
-
2007
- 2007-06-25 CN CN2007101178406A patent/CN101335742B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1300011A (en) * | 1999-12-14 | 2001-06-20 | 国际商业机器公司 | Identification name automatic searching method and system thereof |
| CN1946099A (en) * | 2006-10-20 | 2007-04-11 | 华为技术有限公司 | System for realizing telephone book and method for obtaining telephone book resource |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101335742A (en) | 2008-12-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101335742B (en) | Directory access system and method under lightweight directory access protocol | |
| CN101447981A (en) | Client-server interaction method based on LDAP protocol and system thereof | |
| CN100518181C (en) | Transparent transference of non-state conversation between servers | |
| US8370470B2 (en) | System and method for managing server configurations | |
| KR100725066B1 (en) | A system server for data communication with multiple clients and a data processing method | |
| CN110532247A (en) | Data migration method and data mover system | |
| US7783737B2 (en) | System and method for managing supply of digital content | |
| CN101771723A (en) | Data synchronization method | |
| CN103685590B (en) | Obtain the method and system of IP address | |
| EP2461615A1 (en) | Method for backing up terminal data and system thereof | |
| CN106021327B (en) | A kind of Dropbox system for supporting multi-user to read while write and its read document method, written document method | |
| CN101330657B (en) | Address list system and implementing method thereof | |
| JP3792419B2 (en) | Directory data conversion method, storage medium storing directory data conversion program, and directory conversion server | |
| US20080177948A1 (en) | Method and apparatus for managing placement of data in a tiered storage system | |
| US20030110257A1 (en) | Method for performing a load distribution between session initiation protocol servers within an intra domain | |
| CN106357778A (en) | Session information sharing method, device and system | |
| CN104035925B (en) | Date storage method, device and storage system | |
| CN110138606A (en) | Capacitor network configuration method and system | |
| CN106648903A (en) | Method and system for calling distributed file system | |
| CN102104617A (en) | Method for storing massive picture data by website operating system | |
| CN106294352A (en) | A kind of document handling method, device and file system | |
| CN109005433B (en) | A kind of video cloud service platform architecture and implementation method | |
| US6871203B1 (en) | Data processing system | |
| CN105978981A (en) | Data backup linear capacity expanding method and system based on public cloud storage account | |
| CN101378329B (en) | Distributed business operation support system and method for implementing distributed business |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20151202 Address after: 338025 Shengli Road, Jiangxi, Xinyu, No. 279 Patentee after: STATE GRID JIANGXI ELECTRIC POWER COMPANY GANXI POWER SUPPLY Co. Patentee after: State Grid Corporation of China Address before: 518057 Nanshan District science and Technology Industrial Park, Guangdong high tech Industrial Park, ZTE building Patentee before: ZTE Corp. |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110921 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |