[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Write-intensive LDAP

While you're at it.  Could you have the student code up a SQL where
clause to LDAP filter string converter?

Sandy Mustard

Rick van Rein wrote:
> Hello,
> Although it is common knowledge that LDAP is mainly used for applications
> that are almost read-only, I wonder if that is more than a cultural issue.
> I'm designing a directory holding certificates, but it would suit me rather
> well if I could put payment information and sales progress information in
> there as well.  So that it could be accessed by resellers in a standard
> format, rather than through some crummy web interface that half of the
> resellers would parse with Perl.
>  (Resellers are to act on behalf of OpenFortress in selling its digitally
>   signed products, and would therefore have access to the LDAP directory,
>   or a specific corner of it meant for resale.  Orders, when they are not
>   finalised yet, tend to go through phases, and would be changed by
>   different parties while doing so.  This is a specific example of a
>   workflow application, I suppose.)
> As far as I can tell from the LDAP protocol spec and the C API spec, there
> is no technical hindrance that would stop apps like this, that write more
> often than a phone book changes.  When I look at the OpenLDAP software
> though, and I bet other software behaves similarly, it is not very good at
> processing many writes.  I am unsure, but this may be a backend issue, and
> it could perhaps be solved with a specific backend for the reseller corner
> of the directory, that welcomes writes and is less eager to build indices
> than OpenLDAP usually is.
> This corner of OpenLDAP (this backend) would even the balance between read
> and write speed, whereas the rest of OpenLDAP (the other backends) would be
> more supportive of reading and less of writing.
> The ODBC/SQL backend isn't suitable for this situation.  For one, because
> it's (currently) readonly; for two, because it wastes too mcuh time going
> through generic API layers and querying the database just to build a query;
> for three, because I want to store information in a directory structure in
> the first place.
> I am considering to put an MSc student on this, as a thesis project.  Have
> him figure out whether OpenLDAP could be made more write-willing with a
> suitable backend.
> Any reaction to this slightly-weird train of thoughts is quite welcome!!!
> Greetings,
> Rick van Rein,
> OpenFortress.