CN105450606A - LDAP service node and synchronization method - Google Patents
LDAP service node and synchronization method Download PDFInfo
- Publication number
- CN105450606A CN105450606A CN201410425549.5A CN201410425549A CN105450606A CN 105450606 A CN105450606 A CN 105450606A CN 201410425549 A CN201410425549 A CN 201410425549A CN 105450606 A CN105450606 A CN 105450606A
- Authority
- CN
- China
- Prior art keywords
- event
- lock unit
- service node
- call back
- back function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention discloses an LDAP service node comprising a front-end unit used for processing all operations of connection with a client and managing a working thread pool, a back-end unit used for operating a background database, and an event-driven based synchronization unit. When the front-end unit receives an add, delete or revise request initiated by the client, the front-end unit packages the add, delete or revise request into a synchronization message and sends the message to the event-driven based synchronization unit in the form of inter-process communication, and the event-driven based synchronization unit sends the message to the synchronization unit(s) of one or more other LDAP service nodes in the form of network communication after receiving the message. The invention further discloses a method for synchronization between LDAP service nodes.
Description
Technical field
the present invention relates to Lightweight Directory Access Protocol (LightweightDirectoryAccessProtocol, LDAP), more particularly, relate to a kind of LDAP service node and synchronous method.
Background technology
lDAP is Light Directory Access Protocol, and English full name is LightweightDirectoryAccessProtocol, referred to as LDAP, is the agreement of access line directory service.In view of original directory access protocol (DirectoryAccessProtocol and DAP) uses too complicated for simple internet client, IETF designs and specifies LDAP as the better approach using X.500 catalogue.LDAP defines the agreement of a relatively simple upgrading and search directory on TCP/IP.
everyday words " ldap directory " may be misunderstood, and actual not " ldap directory " so kind of catalogues.Usually with it, the access of any use ldap protocol can be described and can the use X.500 catalogue of object in identifier list of identifications.The entry (entry) of ldap directory is made up of a gathering of attribute (attribute), and is quoted by the name of a uniqueness, i.e. proprietary name (distinguishedname, DN).
the main difference part in ldap directory and general data storehouse is the organizational form of data, and it is a kind of stratified, tree structure.The definition of the attribute of all entries is the part of object class objectclass, and composition forms schema together; Those schema representing individual in tissue are named as whitepagesschema.Each entry in database contacts with some object class, and these object class whether be optional and it preserves the information of which type if determining an attribute.The name of attribute is generally a character string being easy to remember, such as, be that common name (commonname) is named with cn, and " mail " represents e-mail address.
ldap directory entry can describe a level mechanism, and this structure can reflect the category of a politics, geography or tissue.In original X.500 model, the entry of reaction country is positioned at the top of tree; Then be state or national tissue.Typical LDAP configuration uses dns name to be referred to as the top of tree structure, and following is the entry of representative, document, organizational unit, printer and other any affairs.
the current realization to LDAP synchronization mechanism is as OpenLDAP, OUD (OracleUnifiedDirectory), ITDS (IBMTivoliDirectoryServer) is mostly realized by refreshOnly and refreshAndPersist two kinds of synchronous modes, in these two kinds of patterns, synchronously initiate by client, difference is the operation after synchronously completing: refreshOnly(" pull-mode ") be that client obtains the data variation of service end by the mode of poll, especially to active and standby or LDAPServer that multimachine is standby mutually each other, the decline of two-shipper performance and the waste of resource will inevitably be caused, refreshAndPersist(" push-model ") under LDAPbackend initiatively initiate to push, there is performance and quasi real time property relatively preferably, but to the high concurrent data amendment of big data quantity custom system, can cause that system is distributed frequently, recovery system resource, have impact on the performance of LDAPServer itself.
therefore, a kind of LDAP method of data synchronization that can solve in high concurrent data amendment situation is needed.
Summary of the invention
for solving the problem, according to an aspect of the present invention, providing a kind of LDAP service node, comprising: front end unit, for the treatment of the management with all attended operations of client and worker thread pond; Backend unit, for operating background data base; And based on event driven lock unit; Wherein, described front end unit receive described client initiate increasing, delete or change request time, described front end unit by this increasing, delete or change request and be encapsulated as synchronization message, and described synchronization message is sent to described based on event driven lock unit in the mode of interprocess communication, and described based on event driven lock unit after receiving described message, in the mode of network service, described message is sent to respectively the lock unit of other LDAP service nodes one or more.
in above-mentioned LDAP service node, the communication between described process is realized by the combination of message queue and shared drive.
in above-mentioned LDAP service node, described listening port and the service IP being suitable for the lock unit configuring described other LDAP service nodes one or more based on event driven lock unit.
in above-mentioned LDAP service node, described synchronization message is readable event, for triggering the event write based on event driven lock unit, and then described lock unit initiates the synchronization request for the lock unit of other one or more LDAP service nodes described.
in above-mentioned LDAP service node, described based on event driven lock unit be configured to reception described synchronization message after, the first event is obtained from pre-assigned event chained list, the first call back function that registration is corresponding with described first event in pre-assigned Task-list, wakes the first worker thread up and performs described first call back function.
in above-mentioned LDAP service node, describedly be configured to further from pre-assigned event chained list, obtain second event after execution first call back function based on event driven lock unit, the second call back function that registration is corresponding with described second event in pre-assigned Task-list, wake the second worker thread up and perform described second call back function, wherein said first call back function is different from described second call back function.
in above-mentioned LDAP service node, described first call back function is read operation, and described second call back function is write operation.
according to another aspect of the present invention, provide and a kind ofly between LDAP service node, realize synchronous method, comprising: a LDAP service node receive from client increasing, delete or change request; A described LDAP service node by this increasing, delete or change request and be encapsulated as synchronization message; The lock unit based on event driven lock unit described synchronization message sent in the mode of network service in the 2nd LDAP service node in a described LDAP service node.
in the above-mentioned methods, the front end unit in a described LDAP service node is sent to described based on event driven lock unit in the mode of interprocess communication, and the communication between wherein said process is realized by the combination of message queue and shared drive.
in the above-mentioned methods, described listening port and the service IP configuring the lock unit of described 2nd LDAP service node based on event driven lock unit.
in the above-mentioned methods, described synchronization message is readable event, for triggering the described event write based on event driven lock unit, and then triggers the synchronization request of described lock unit initiation for the lock unit of described 2nd LDAP service node.
in the above-mentioned methods, send to the lock unit in the 2nd LDAP service node to comprise in the mode of network service described synchronization message based on event driven lock unit in a described LDAP service node: described based on event driven lock unit after the described synchronization message of reception, the first event is obtained from pre-assigned event chained list, the first call back function that registration is corresponding with described first event in pre-assigned Task-list, wakes the first worker thread up and performs described first call back function.
in the above-mentioned methods, the lock unit in the 2nd LDAP service node is sent to also to comprise in the mode of network service described synchronization message based on event driven lock unit in a described LDAP service node: describedly after execution first call back function, from pre-assigned event chained list, to obtain second event based on event driven lock unit, the second call back function that registration is corresponding with described second event in pre-assigned Task-list, wake the second worker thread up and perform described second call back function, wherein said first call back function is different from described second call back function.
in the above-mentioned methods, described first call back function is read operation, and described second call back function is write operation.
technique scheme is highly suitable for the situation of high concurrent amendment LDAP items for information.In this case, when solving an amendment LDAP node entries information on the one hand, to the integrity problem of the same entry real time access of other node.On the other hand, the wheel before comparing is inquired about the LDAP synchronization scenario distributing recovery system resource frequently and is compared, and reduces the expense of system, thus makes more system resource be that directory service itself is used, improve the performance of directory service itself.
Accompanying drawing explanation
after having read the specific embodiment of the present invention with reference to accompanying drawing, those skilled in the art will become apparent various aspects of the present invention.Those skilled in the art should be understood that: these accompanying drawings only for coordinating embodiment that technical scheme of the present invention is described, and and are not intended to be construed as limiting protection scope of the present invention.
fig. 1 is the structural representation of the embodiment according to the application, LDAP service node;
fig. 2 is the operation chart of the embodiment according to the application, the lock unit in LDAP service node.
Embodiment
introduce below be of the present invention multiple may some in embodiment, aim to provide basic understanding of the present invention, be not intended to confirm key of the present invention or conclusive key element or limit claimed scope.Easy understand, according to technical scheme of the present invention, do not changing under connotation of the present invention, one of ordinary skill in the art can propose other implementation that can mutually replace.Therefore, following embodiment and accompanying drawing are only the exemplary illustrations to technical scheme of the present invention, and should not be considered as of the present invention all or the restriction be considered as technical solution of the present invention or restriction.
fig. 1 is the structural representation of the embodiment according to the application, LDAP service node.As shown in Figure 1, in the technical scheme of the application, LDAP service node is provided with a scheduler module SyncModule especially and is responsible for accepting and distributes synchronization request.Two other submodule in LDAP service node is responsible for providing main directory services functionality, wherein FrontEnd (front end) is responsible for process and all attended operations of client and the management in worker thread pond, when new client asks to arrive, front end distribute from thread pool one can thread pool process, and BackEnd(rear end) relate generally to the operation of background data base.
continue with reference to figure 1, SyncModule as receive and distribution synchronization request nucleus module, needs relate to and FrontEnd, BackEnd interprocess communication and and other nodes SyncModule between network service.Interprocess communication realizes mainly through the message queue of current comparative maturity and the combination of shared drive, just repeats no more at this.SyncModule itself is also a net distribution agency, and each SyncModule needs the listening port and the service IP that configure other SyncModule, and sets up the long connection of Socket each other.When the increasing that client is initiated, delete, change request when arriving directory service DS1, main handling process following (to increase node):
1) FrontEnd receives LDAP client increases node uid=c00050321323, after the request of ou=uc, ou=cup.com, encapsulates the message (SyncMsg) that this request is following form:
type:add
dn:uid=c00050321323,ou=uc,ou=publicuser,ou=cup.com
telephoneNumber:135222334234
mail:test126.com
usrName:test_usrnm
2) SyncMsg is sent to SyncModule in the mode of interprocess communication by FrontEnd, and SyncMsg can be sent to the SyncModule of DS2 and DS3 by SyncModule respectively in the mode of network service;
3) SyncMsg is distributed to respective directory service BackEnd in the mode of interprocess communication by the SyncModule of DS2 and DS3 again, and BackEnd then increases data newly database.
in one embodiment, SyncModule is an event driven transponder, the socket write operation of the communication request between receiving process and other nodes SyncModule is encapsulated as readable event, and trigger send synchronization request write event, greatly improve the performance of program.Its inner mechanism formed as shown in Figure 2.
as shown in Figure 2, after the SyncModule additions and deletions received from BackEnd or other SyncModule change request, trigger SyncModule and read event.SyncModule obtains Eventx from pre-assigned event chained list.Then, registered callbacks function cb_read, inserts Taskx in Task-list.Then, Worker thread is waken up to obtain Taskx and to perform cb_read.After execution cbcb_read, SyncModule obtains Eventy from pre-assigned event chained list.Then, registered callbacks function cb_write, and Tasky is inserted in Task-list.Then, Worker thread is waken up to obtain Tasky and to perform cb_write.Subsequently, this SyncModule can initiate additions and deletions and changes request to other SyncModule to carry out synchronous.
to sum up, technical scheme of the present invention needing between synchronous LDAPServer, by the preassignment of event, receiving increasings, delete, change request after, be packaged into readable event, and the event write of triggering synchronous operation, and then initiation synchronization request.This solution avoids the waste that under the system burden and high concurrent synchronization request that traditional LDAP synchronous " push-and-pull " causes, system is frequently distributed, Resource recovery causes, substantially increase synchronous performance and real-time, reduce high concurrent amendment and access same object error rate.
above, the specific embodiment of the present invention is described with reference to the accompanying drawings.But those skilled in the art can understand, when without departing from the spirit and scope of the present invention, various change and replacement can also be done to the specific embodiment of the present invention.These change and replace and all drop in claims of the present invention limited range.
Claims (14)
1. a LDAP service node, is characterized in that, comprising:
Front end unit, for the treatment of the management with all attended operations of client and worker thread pond;
Backend unit, for operating background data base; And
Based on event driven lock unit;
Wherein, described front end unit receive described client initiate increasing, delete or change request time, described front end unit by this increasing, delete or change request and be encapsulated as synchronization message, and described synchronization message is sent to described based on event driven lock unit in the mode of interprocess communication, and described based on event driven lock unit after receiving described message, in the mode of network service, described message is sent to respectively the lock unit of other LDAP service nodes one or more.
2. LDAP service node as claimed in claim 1, wherein, the communication between described process is realized by the combination of message queue and shared drive.
3. LDAP service node as claimed in claim 1, wherein, described listening port and the service IP being suitable for the lock unit configuring described other LDAP service nodes one or more based on event driven lock unit.
4. LDAP service node as claimed in claim 1, wherein, described synchronization message is readable event, and for triggering the event write based on event driven lock unit, and then described lock unit initiates the synchronization request for the lock unit of other one or more LDAP service nodes described.
5. LDAP service node as claimed in claim 4, wherein, described based on event driven lock unit be configured to reception described synchronization message after, the first event is obtained from pre-assigned event chained list, the first call back function that registration is corresponding with described first event in pre-assigned Task-list, wakes the first worker thread up and performs described first call back function.
6. LDAP service node as claimed in claim 5, wherein, describedly be configured to further from pre-assigned event chained list, obtain second event after execution first call back function based on event driven lock unit, the second call back function that registration is corresponding with described second event in pre-assigned Task-list, wake the second worker thread up and perform described second call back function, wherein said first call back function is different from described second call back function.
7. LDAP service node as claimed in claim 6, wherein, described first call back function is read operation, and described second call back function is write operation.
8. between LDAP service node, realize a synchronous method, comprising:
One LDAP service node receive from client increasing, delete or change request;
A described LDAP service node by this increasing, delete or change request and be encapsulated as synchronization message;
The lock unit based on event driven lock unit described synchronization message sent in the mode of network service in the 2nd LDAP service node in a described LDAP service node.
9. method as claimed in claim 8, wherein, front end unit in a described LDAP service node is sent to described based on event driven lock unit in the mode of interprocess communication, and the communication between wherein said process is realized by the combination of message queue and shared drive.
10. method as claimed in claim 8, wherein, the listening port of the described lock unit based on the described 2nd LDAP service node of event driven lock unit configuration and service IP.
11. methods as claimed in claim 8, wherein, described synchronization message is readable event, for triggering the described event write based on event driven lock unit, and then triggers the synchronization request of described lock unit initiation for the lock unit of described 2nd LDAP service node.
12. methods as claimed in claim 8, wherein, send to the lock unit in the 2nd LDAP service node to comprise in the mode of network service described synchronization message based on event driven lock unit in a described LDAP service node:
Described based on event driven lock unit reception described synchronization message after, the first event is obtained from pre-assigned event chained list, the first call back function that registration is corresponding with described first event in pre-assigned Task-list, wakes the first worker thread up and performs described first call back function.
13. methods as claimed in claim 12, wherein, send to the lock unit in the 2nd LDAP service node also to comprise in the mode of network service described synchronization message based on event driven lock unit in a described LDAP service node:
Describedly after execution first call back function, from pre-assigned event chained list, obtain second event based on event driven lock unit, the second call back function that registration is corresponding with described second event in pre-assigned Task-list, wake the second worker thread up and perform described second call back function, wherein said first call back function is different from described second call back function.
14. methods as claimed in claim 13, wherein, described first call back function is read operation, and described second call back function is write operation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410425549.5A CN105450606B (en) | 2014-08-27 | 2014-08-27 | A kind of LDAP service node and synchronous method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410425549.5A CN105450606B (en) | 2014-08-27 | 2014-08-27 | A kind of LDAP service node and synchronous method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105450606A true CN105450606A (en) | 2016-03-30 |
| CN105450606B CN105450606B (en) | 2018-11-27 |
Family
ID=55560387
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410425549.5A Active CN105450606B (en) | 2014-08-27 | 2014-08-27 | A kind of LDAP service node and synchronous method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105450606B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107040424A (en) * | 2017-05-26 | 2017-08-11 | 郑州云海信息技术有限公司 | A kind of method of automatic configuration ldap server |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080183920A1 (en) * | 2007-01-30 | 2008-07-31 | Stmicroelectronics R&D Co., Ltd. (Beijing) | Buffer management for wireless usb isochronous in endpoints |
| CN102404215A (en) * | 2011-11-21 | 2012-04-04 | 北京星网锐捷网络技术有限公司 | Synchronization method for filtering database table forms, device and network equipment |
| CN103957273A (en) * | 2014-05-16 | 2014-07-30 | 广东佳和通信技术有限公司 | Method for achieving address list synchronization among multiple LDAP servers |
-
2014
- 2014-08-27 CN CN201410425549.5A patent/CN105450606B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080183920A1 (en) * | 2007-01-30 | 2008-07-31 | Stmicroelectronics R&D Co., Ltd. (Beijing) | Buffer management for wireless usb isochronous in endpoints |
| CN102404215A (en) * | 2011-11-21 | 2012-04-04 | 北京星网锐捷网络技术有限公司 | Synchronization method for filtering database table forms, device and network equipment |
| CN103957273A (en) * | 2014-05-16 | 2014-07-30 | 广东佳和通信技术有限公司 | Method for achieving address list synchronization among multiple LDAP servers |
Non-Patent Citations (4)
| Title |
|---|
| 任军: "《基于LDAP的目录服务综述》", 《计算机应用研究》 * |
| 宗士强: "《LDAP目录服务同步》", 《计算机与现代化》 * |
| 张丽君: "《LDAP目录与关系数据库之间数据同步技术的研究》", 《内蒙古石油化工》 * |
| 涂德志: "《LDAP协议研究与LDAP服务器的设计与实现》", 《中国优秀硕士学位论文全文库》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107040424A (en) * | 2017-05-26 | 2017-08-11 | 郑州云海信息技术有限公司 | A kind of method of automatic configuration ldap server |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105450606B (en) | 2018-11-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11323316B2 (en) | Device configuration method and apparatus that are based on network configuration protocol | |
| Richter et al. | A primer on IPv4 scarcity | |
| US20230018257A1 (en) | Alias management method and device | |
| CN102868550B (en) | Total network flow scheduler and method for querying domain name resolution record by using total network flow scheduler | |
| CN111416865B (en) | Protocol proxy processing method and system based on mimicry defense | |
| CN103856580B (en) | A kind of method that IPv6 client computer accesses IPv4 servers | |
| CN104427010A (en) | NAT (network address translation) method and device applied to DVPN (dynamic virtual private network) | |
| CN108366356B (en) | Method and device for intercommunication between M2M system and identification analysis system | |
| WO2019233061A1 (en) | Routing resource control method and system for layer 3 switch | |
| CN104065759A (en) | Method for improving utilization efficiency of NAT address pool resource and device thereof | |
| KR20180103975A (en) | Method and system for managing resource objects | |
| JP4699530B2 (en) | Methods, systems, and applications for service addressing | |
| CN105282269A (en) | Local DNS root server configuration method and service method | |
| WO2015080553A1 (en) | Method and system for enabling ip communication between an ip device and a non-ip internet of things device | |
| JP2002344486A5 (en) | ||
| CN104253878A (en) | VLAN (Virtual Local Area Network) information management system and method of DHCP (Dynamic Host Configuration Protocol) RELAY termination sub-interface | |
| CN105991592A (en) | Same-natural-person identity maintenance method and apparatus, and server | |
| CN101764836A (en) | Distributed heartbeat server framework and progress processing method | |
| CN104539586A (en) | Session management method and device | |
| CN105450606A (en) | LDAP service node and synchronization method | |
| CN107786661B (en) | Information synchronization method | |
| CN105138581B (en) | A kind of write-in of mobile message and read method and system | |
| US8855015B2 (en) | Techniques for generic pruning in a trill network | |
| CN108196962B (en) | Method and device for realizing calling of interfaces of different versions | |
| CN203086518U (en) | Self-adaptive intelligent DNS server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |