LDAP 在网络世界中解决什么问题?

发布于 2024-08-16 23:51:32 字数 120 浏览 8 评论 0原文

我了解 LDAP 是用于与 OpenLDAP 等活动目录系统通信的协议。
我还了解 OpenLDAP 是一种在树中存储对象的数据库。
我的问题是:何时以及为何我应该使用(如果有的话)LDAP 而不是关系数据库。

I understand LDAP is the protocol which is used to talk to an active directory system like OpenLDAP.
I also understand OpenLDAP is a kind of database which stores objects in a tree.
My question is: When and for what should I use (if at all) LDAP instead of a relational DB.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

满意归宿 2024-08-23 23:51:32

关系数据库和基于 LDAP 的数据库解决不同的问题。 LDAP 非常注重快速读取、缓慢写入,它是分层的、分布式的并且基于权限(如 DNS)。如果您的数据与此假设不符,则 LDAP 不是正确的选择。

LDAP 可以很好地描述实体的层次结构,例如公司地址簿。虽然关系数据库要求每个部门访问包含所有地址的大型全局表,但 LDAP 解决方案允许将每个部门地址簿的责任分配给该部门本身,同时保持该地址簿可供公司中的其他任何人查询。

LDAP 允许您存储任何类型的信息。地址簿是最典型的示例,但所有可用作分层、以权限为中心的数据集的内容都可以存储在 LDAP 中。另一个例子:假设一个图书馆是图书馆联盟的一部分,他们想要存储有关他们拥有的书籍的数据。该数据库是分层的(每个图书馆在其边界内都是权威的)并且每个图书馆都独立于其他图书馆。在模式内部,您可以存储有关书籍的数据,例如作者、出版年份、标题、isbn 等。

为了存储数据,您可以使用特殊的文件格式 LDIF 来表示它,但 API 也存在。然而,LDIF 是查看信息的最简单方法。它只是一个纯文本文件。维基百科的一个例子

 dn: cn=John Doe,dc=example,dc=com
 cn: John Doe
 givenName: John
 sn: Doe
 telephoneNumber: +1 888 555 6789
 telephoneNumber: +1 888 555 1232
 mail: [email protected]
 manager: cn=Barbara Doe,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: organizationalPerson
 objectClass: person
 objectClass: top

这描述了一个叫 John Doe 的人的信息。它位于 dc=example、dc=com 的“领域”下,并且有一堆与其关联的其他信息(就像表行一样)。请注意,层次结构可以(显然)与互联网域相关联,就像在本例中一样,但实际上层次结构描述非常灵活。您可以根据国家边界或公司部门或您喜欢的任何内容来组织层次结构。

当您需要管理数据域(需要

  1. 灵活的架构并降低存储要求)时,
  2. 您应该使用 LDAP。减少写需求,强读需求
  3. 的管理和组织具有很强的层次性
  4. 信息权限和授权

A relational database and a LDAP based database solve different issues. LDAP is strongly focused on fast-read, slow write, it's hierarchical, distributed, and based on authority (like DNS). If your data don't match this assumption, LDAP is not the right choice.

LDAP works well to describe a hierarchy of entities, like for example a company addressbook. While a relational database would require every department to access the big global table with all the addresses, an LDAP solution allows to distribute the responsibility of each department's addressbook to the department itself, while keeping it available for query to anyone else in the company.

LDAP allows you to store any kind of information. The addressbook is the most typical example, but everything that can be intended as hierarchical, authority-focused dataset can be stored in LDAP. Another example: suppose a library is part of a consortium of libraries, and they want to store data about the books they have. The database is hierarchical (each library is authoritative within its borders) and each library is independent from the others. Inside the schema, you can store data about the books, such as author, publication year, title, isbn and so on.

To store data, you represent it using a special file format, LDIF, but APIs exist as well. LDIF, however, is the most easy way to see the information. it's just a plain text file. An example from wikipedia

 dn: cn=John Doe,dc=example,dc=com
 cn: John Doe
 givenName: John
 sn: Doe
 telephoneNumber: +1 888 555 6789
 telephoneNumber: +1 888 555 1232
 mail: [email protected]
 manager: cn=Barbara Doe,dc=example,dc=com
 objectClass: inetOrgPerson
 objectClass: organizationalPerson
 objectClass: person
 objectClass: top

This describes the information about a guy called John Doe. It is under the "realm" of dc=example, dc=com, and has a bunch of other information associated to it (think like a table row). Note that the hierarchy can be (apparently) associated to internet domains, like in this case, but in reality the hierarchy description is very flexible. You can organize hierarchies based on national borders or company departments, or anything you like, as you prefer.

You should use LDAP when you need to manage a data domain where you have

  1. the need for a flexible schema with reduced storage requirements.
  2. reduced write needs, strong read needs
  3. strong hierarchical nature of management and organization of information
  4. authorities and delegation of authoritativeness
孤独陪着我 2024-08-23 23:51:32

这篇简洁而精彩的文章提供了与此场景相关的非常好的信息。

如果进一步感兴趣,您可以此处进一步深入,这是上面的链接。

This concise and nice post has very good info relating to this scenario.

If interested further, you can go a bit deeper in here, which is a continuation to the above link.

转身以后 2024-08-23 23:51:32

LDAP 适用于经常读取但很少写入的数据。例如,LDAP通常用于存储用户登录或密码信息。

LDAP is good for data which is frequently read and rarely written. For example, LDAP is often used to store user login or password information.

浮生面具三千个 2024-08-23 23:51:32

LDAP 是一个集中式用户和帐户管理系统,还可以存储一些数据字段。

LDAP is a centralized user and account management system which can also store some data fields.

没︽人懂的悲伤 2024-08-23 23:51:32

您还可以使用 LDAP 作为查找寻址机制来检索资源,例如数据库连接或远程服务。

我喜欢 LDAP 的好处是,您可以以目录/URL 方式检索内容。这与 RDBMS 完全不同,在 RDBMS 中您必须使用专用的查询语言。如果事物以分层方式组织,这通常是有意义且直观的。

You can use LDAP also as lookup-addressing mechanism to retrieve resources, for example Database-Connections or remote-services.

The nice thing I like about LDAP is, that you can retrieve stuff in directory/URL style. This is quite different to RDBMS where you have to use a dedicated query-language. This often makes sense and is intuitive if things are organized in a hierachical way.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文