
Model Driven Approach for Provisioning LDAP Based Repositories

IP.com Disclosure Number: IPCOM000199827D
Publication Date: 2010-Sep-17
Document File: 6 page(s) / 110K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a model driven approach for LDAP provisioning.

This is the abbreviated version, containing approximately 53% of the total text.


Unified Modeling Language (UML) is a commonly used and accepted modeling language from the Object Management Group (OMG). It is a visual language for specifying, constructing and documenting various aspects of a system. It is a general purpose language and has been applied to many application domains.

As a first step towards a model driven approach for LDAP provisioning, a Unified Modeling Language model is provided to represent the information and naming model. The class diagram in Fig. 1 shows the important LDAP concepts modeled as UML classes:

Figure 1

The LDAPEntry class is associated with one or more object classes through the objectclasses attribute. An object class is associated with a list of mandatory attributes and another list of optional attributes. An attribute is associated with a syntax and one or more matching rules. Finally, an entry is composed of a set of attribute-value pairs which are determined by the objectclasses it belongs to (constraints are not shown in Fig. 1 above for simplicity).

Further, a UML profile for LDAP is proposed herein. The UML profile models a tree structure in which the nodes are types rather than actual entries. This gives a provisioning system using this model additional information about the types of entries which are to be provisioned and their relative location in the tree structure. This information is not available from the LDAP schema model shown in Fig. 1.

A meta model for LDAP is proposed (shown in Fig. 2) that introduces a class, LDAPEntryType, which represents an analogue of a relational table. Instances of this class represent classes that completely determine the structure of the entity being provisioned. In addition, instances of this class are linked to each other in a tree structure, either through a direct parent/child relationship or through an alias connecting a parent to the child.

Figure 2

An LDAP domain represents a special type of entry which is a container for a large number of entries of the same type. For example, ou=employees,o=IBM,c=us is a domain entry which is the parent of all employee records in IBM US. There are very few domains in a typical LDAP instance. The LDAPDomain class is used to model the various domains in a particular LDAP instance. A domain is completely specified by its DN, the object class of the domain entry, and a domain ID.
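The schema model (object classes with mandatory and optional attributes) and the type tree (entry types placed under domains) can be combined into a check that a provisioning system runs before writing an entry. The following is an added example, not code from the disclosure: the field names, the `rdn_attr` field, the `validate` and `norm_dn` helpers and the trimmed `person` schema are assumptions, and the DN handling is deliberately naive.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ObjectClass:
    name: str
    must: frozenset  # mandatory attribute names (lower case)
    may: frozenset   # optional attribute names (lower case)

@dataclass(frozen=True)
class LDAPDomain:
    domain_id: str
    dn: str
    object_class: str

@dataclass(frozen=True)
class LDAPEntryType:
    name: str
    object_classes: tuple  # ObjectClass instances fixing the entry's structure
    parent: LDAPDomain     # container under which entries of this type live
    rdn_attr: str          # assumed field: naming attribute for this type

def norm_dn(dn):
    # Naive: lower-cases and trims; no escaped commas or multi-valued RDNs.
    return [p.strip().lower() for p in dn.split(",")]

def validate(dn, attrs, etype):
    """Return a list of violations; an empty list means the entry fits the model."""
    attrs = {k.lower(): v for k, v in attrs.items()}
    errors = []
    wanted = {oc.name.lower() for oc in etype.object_classes}
    if {v.lower() for v in attrs.get("objectclass", [])} != wanted:
        errors.append("objectClass set does not match entry type")
    must = frozenset().union(*(oc.must for oc in etype.object_classes))
    allowed = must.union({"objectclass"}, *(oc.may for oc in etype.object_classes))
    present = {k for k, v in attrs.items() if v}
    errors += [f"missing mandatory attribute: {a}" for a in sorted(must - present)]
    errors += [f"attribute not allowed: {a}" for a in sorted(present - allowed)]
    rdn, parent = norm_dn(dn)[0], norm_dn(dn)[1:]
    if parent != norm_dn(etype.parent.dn):
        errors.append("entry is not directly under the type's domain")
    name, _, value = rdn.partition("=")
    if name != etype.rdn_attr or value not in [v.lower() for v in attrs.get(name, [])]:
        errors.append("RDN does not match the naming attribute")
    return errors

# Constructed sample data: trimmed schema, domain DN taken from the text above.
PERSON = ObjectClass("person", frozenset({"sn", "cn"}), frozenset({"telephonenumber"}))
EMPLOYEES = LDAPDomain("employees", "ou=employees,o=IBM,c=us", "organizationalUnit")
EMPLOYEE = LDAPEntryType("employee", (PERSON,), EMPLOYEES, "cn")
```

Rejecting an entry whose violation list is non-empty keeps unexpected attributes and misplaced entries out of the directory before any write is attempted.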

Instances of LDAPAttribute meta class represent an LDAP attribu...