[Date Prev][Date Next] [Chronological] [Thread] [Top]

Write-intensive LDAP


Although it is common knowledge that LDAP is mainly used for applications
that are almost read-only, I wonder if that is more than a cultural issue.

I'm designing a directory holding certificates, but it would suit me rather
well if I could put payment information and sales progress information in
there as well.  So that it could be accessed by resellers in a standard
format, rather than through some crummy web interface that half of the
resellers would parse with Perl.

 (Resellers are to act on behalf of OpenFortress in selling its digitally
  signed products, and would therefore have access to the LDAP directory,
  or a specific corner of it meant for resale.  Orders, when they are not
  finalised yet, tend to go through phases, and would be changed by
  different parties while doing so.  This is a specific example of a
  workflow application, I suppose.)

As far as I can tell from the LDAP protocol spec and the C API spec, there
is no technical hindrance that would stop apps like this, that write more
often than a phone book changes.  When I look at the OpenLDAP software
though, and I bet other software behaves similarly, it is not very good at
processing many writes.  I am unsure, but this may be a backend issue, and
it could perhaps be solved with a specific backend for the reseller corner
of the directory, that welcomes writes and is less eager to build indices
than OpenLDAP usually is.

This corner of OpenLDAP (this backend) would even the balance between read
and write speed, whereas the rest of OpenLDAP (the other backends) would be
more supportive of reading and less of writing.

The ODBC/SQL backend isn't suitable for this situation.  For one, because
it's (currently) readonly; for two, because it wastes too mcuh time going
through generic API layers and querying the database just to build a query;
for three, because I want to store information in a directory structure in
the first place.

I am considering to put an MSc student on this, as a thesis project.  Have
him figure out whether OpenLDAP could be made more write-willing with a
suitable backend.

Any reaction to this slightly-weird train of thoughts is quite welcome!!!


Rick van Rein,