1. Field of the Invention
The invention relates generally to directory services for data networks. More particularly, the invention relates to the provision of data interoperability between open standard directory services and proprietary databases.
2. Description of Related Art
LDAP (Lightweight directory access protocol) may be seen as a streamlined version of X.500, an open standards model for managing online directory services. Due to X.500 being designed for the OSI protocol, and the difficulty of implementing X.500 in smaller computer systems, LDAP, designed to run directly over the TCP/IP stack, was developed.
An LDAP directory service allows a user to locate organizations, individuals, and other resources such as files and devices, in a network, whether on the Internet or a corporate intranet. LDAP is both an information model and a protocol for querying it, employing a data and namespace model essentially identical to X.500. An LDAP directory is organized as a hierarchic tree, providing a ‘root’ at the top of the tree and branching out to, perhaps, ‘countries,’ ‘organization,’ ‘organizational units,’ and, finally, ‘individuals.’ An LDAP directory may be seamlessly distributed across many servers, and when an LDAP server receives a request, it takes responsibility for the request, passing to other servers as necessary, but providing a single, coordinated response to the user. Such homogeneity requires a data model that imposes rigid constraints. For example, every entry in an LDAP tree must either be a child, or it must be a suffix. Additionally, an LDAP tree is strictly object-oriented, in which each entry inherits all the attributes and properties of its parent. Unfortunately, data sources aren't always so homogenous. For example, a relational database consists of tables in various relationships to each other, not conforming at all to the object-oriented LDAP model. If a user attempted to direct a query to a relational database from an LDAP client, the LDAP server would simply return an error message. Nonetheless, there are many organizations, having databases in formats incompatible with LDAP, who would like to make them searchable from an LDAP client.
M. Morgenstern, Integration platform for heterogeneous databases, U.S. Pat. No. 5,979,490 (Oct. 19, 1999) employs an interoperability assistant to transform source data into a common, intermediate representation, and subsequently into a final, target representation. Thus, Morgenstern integrates heterogeneous data sources by porting the data to a new database in a target format. It would be desirable to provide a method of data interoperability without requiring creation of an entirely new database.
R. Kumar, P. Wechsler, External data store link for a profile service, U.S. Pat. No. 6,343,287 (Jan. 29, 2002) describes a method and system for integrating external data stores into a service application such as a profile service. Kumar, et al. provides an API (application programming interface) and SPI (service provider interface) that allows an application to access a variety of different naming and directory services. Plug-in service provider interfaces implement specific access protocols for the naming and directory services. Kumar doesn't contemplate the problem of accessing a proprietary database from an open standard directory service.
What is needed is a simple method of accessing a proprietary database from an open standards directory service that doesn't require the creation of new databases or addition of multiple extensions to the service. It would be desirable to make minor modifications to the directory tree that would preserve default functionality while allowing operations to be routed to an operation handler element, wherein operations for the proprietary database are handled by the handler element. It would be desirable to disable normal access control measures for operations directed to the external database, and it would also be extremely useful to free the pre-operation handler of normal data constraints, such as the requirement of a well-formed tree, thus allowing a search result to be seamlessly returned by the directory server, as though the proprietary database were an LDAP compatible directory.