The ABCs of LDAP: How to Install, Run, and Administer LDAP Services

 < Day Day Up > 


Accessing an LDAP Server via CGI Scripts

A CGI application is a good client-server implementation to access a directory. The client is the Web browser, and the server is the HTTP server. Using your favorite programming language, all you have to do is write a number of CGI scripts that access the directory on behalf of the end user. The LDAP protocol therefore remains completely hidden from the end user.

Exhibit 2 shows the architecture. The user makes a request via a browser for the URL corresponding to the LDAP application. The Web server receives this request and assigns it to an HTTPD process. The HTTPD process understands from the URL that a CGI script should service the request. It then launches the CGI script as a new process, delivering all the necessary parameters to this CGI script. Upon execution, the CGI script accesses the directory, formats the result in an HTTP response, and sends the output back to the Web browser.

Exhibit 2: Client-Server Implementation Using CGI Scripts

Recall from Chapter 4 that there are a great many programming languages that offer the possibility of accessing an LDAP repository via libraries. This solution is very easy to implement because you can break down the whole application into a number of CGI scripts, each of them offering a particular functionality, for example "search.cgi," "add.cgi," "delete.cgi," and so on.

However, this solution also has disadvantages deriving from the fact that each of these CGI scripts is a different process and is therefore executed in a different context. Because the HTTP protocol is a stateless protocol, no process knows about the processes executed before. Therefore, if you wish to develop a more complicated application, you will soon face the problem of saving state information from one request to the other. There are various ways to accomplish this:

CGI scripts are easy to write and maintain if you are writing a limited application. The details of directory access and the LDAP protocol remain hidden from the end user.


 < Day Day Up > 

Категории