Saturday, February 28, 2009

When is a Virtual Directory not a Virtual Directory?

The answer is simple: when it is used as a Web Server Proxy rather than an LDAP Proxy.

Let's look at the classic definition of a virtual directory (in the interest of full disclosure, this is from the SAP VDS whitepaper):

"The Virtual Directory Server can logically represent information from a number of disparate directories, databases, and other data repositories in a virtual directory tree. Various users and applications can get different views of the information, based on their access rights."

So what does this mean? We're taking various sources and putting an LDAP front end on them. And what can these back ends be? Databases, directories, other virtual directories, etc. The connections can take the form of ODBC, XML, or other web services.

But what happens when we do web services on both the front and back end of the VDS? Well, I do not think it is really a Virtual Directory any more. We're not representing information in a Directory form and we're not doing read/search operations. It certainly would seem to put the never-ending cache debates to bed as well. I'm thinking that what we now have is a web services proxy or, in a more mature implementation, a Virtual Application Server (VAS).

So how would the VAS be used? The simplest case would be to have an application make a request to a VAS for information. This information is available from another VAS-connected system via some mapping logic that would be able to tell the VAS where to find it. With this information delivered to the targeted system, the proper information is obtained and returned to the requesting application.

You would have to wonder how often something like this is needed; after all, web services connectors can be written easily enough. However, what happens when we do not have all the code, or if there's a need to segregate the request over multiple domains or firewall zones? That, I think, would be one use case for the VAS. Another would be when there is no direct connection, say, between a role management system and a provisioning system, two common IdM applications these days. This could open up completely new ways for systems to interconnect. I wonder if anyone has been thinking along these lines.

2 comments:

andrew Ferguson said...

Hi Matt, you may be interested in what we have recently done for one customer with our ViewDS XML Directory & Visualisation server (www.viewds.com). Here the customer wanted to do a real-time join of data from Active Directory, SQL Server, Oracle and some other external databases and join it to its corporate Directory running on ViewDS. So we integrated Oracle Virtual Directory at the back end of our ViewDS discovery and search engine such that when a Component Match search was done, that triggered a real-time search and join of data from the external sources into our ViewDS webDUA, where we joined the data from within the ViewDS server and that data from the external databases. Here we get the best of both worlds: Component Matching and up to 24 different types of heuristic matching, plus the strength of the back-end Virtual Directory.

Matt Pollicove said...

Andrew,

Interesting extension of the VDS use case.

However, one of the best things about Virtual Directories is that they can be extended in various ways.

Congrats on a great solution!

Cheers,
Matt