Open LDAP vs apacheDS

3

12

I am working on a scalable web application. I am planning to use LDAP for login authentication. I am new to LDAP; when I searched for it I found two important implementations:

  1. OpenLDAP
  2. Apache Directory Studio

I searched for performance comparisons between the two, but I found very confusing benchmark results from various people. Some benchmarks conclude that performance is relatively the same, and a few say OpenLDAP has greater performance compared to Apache DS.

Dumpling answered 11/3, 2016 at 5:15 Comment(0)
11

There are 4 open source implementations of LDAP directory servers:

  • OpenLDAP
  • Apache Directory Server
  • OpenDJ
  • Red Hat Directory Server

Since there is no standard for LDAP benchmarks, you will always find results that are in favor of the preferred server of the person running them. Regardless, performance is so tied to the scale of the data stored in the server and the underlying hardware that you shouldn't be selecting a product based solely on past benchmark results.

Go to the four projects, look at the product features, get them and install them, run the same tests on them for your data and load.

OpenDJ for example has tools to generate sample data (very large sets) and run performance testing for authentication, searches, modifications, creation and deletion (authrate, searchrate, modrate, addrate...).

Howlond answered 11/3, 2016 at 8:28 Comment(0)
18

OpenLDAP and ApacheDS are great solutions that work across many platforms.

OpenLDAP is much more scalable and lightweight; however, keep in mind there are not that many tools for managing LDAP servers. OpenLDAP must be configured via the command line using LDIFs. This is repetitive work that you will almost certainly have to have a domain administrator doing.

ApacheDS has a client solution and their configs are separated into XML files. ApacheDS is built on Java and yes, you can expect there to be garbage collection.

Both OpenLDAP and ApacheDS approach scaling and their data backends similarly. In fact, in both cases it's the more manual way of clustering. You cluster for availability or you cluster for performance.

The previous responder mentioned OpenDJ which is not free to use in commercial settings by the way. Their license requires you purchase a license from them to use it commercially.

Rowboat answered 30/3, 2016 at 8:22 Comment(4)
I saw this article coding-dude.com/wp/java/apacheds-ldap-authentication-stay-away which cautioned us if going for ApacheDS, as their backend seemed to have data corruption issues at the time. I wonder if that is resolved by now. I'm a newbie on LDAP and installed ApacheDS on my Linux box yesterday. But I would switch to OpenLDAP unless I'm made confident the issue ApacheDS used to have is something of the past. - Braxton

Apache runs an open JIRA that you can examine: issues.apache.org/jira/browse/… - Rowboat

The open-source edition of OpenDJ (i.e. the copy you built yourself from source) never required a commercial subscription. However, now that ForgeRock (the company that made OpenDJ) has gone closed-source, there's a 100% open-source fork called Wren:DS that people interested in an easy-to-use LDAP server should consider checking out: github.com/Wrensecurity/wrends - Hellhound

That's not entirely accurate. I had talked to ForgeRock and basically, their code was open source but as soon as you ran it there were some licensing provisions that required that you pay them. Obviously, this post is old so I can't go back and pull that license that existed back then, but I'm really glad an alternative exists. - Rowboat
1

Use OpenLDAP if you need an easy-to-install, lightweight server setup; these days one can just pull a Docker image that comes pre-populated.

The open source variant of Red Hat Directory Server is 389 Directory Server. Documentation is decent, it supports dual master replication, and the EPEL repos have a console and admin console with a graphical interface that is rather convenient.

Know your ldapsearch commands first is my tip, so you understand the technology and tools better. In the past I created a Chef recipe that set up a fully working 389-DS server in dual master mode, which is what I needed, and so it became my preferred solution. To test locally I use OpenLDAP in a Docker container.

Wurtz answered 1/2, 2022 at 16:13 Comment(0)
