This invention relates to communication between a server and a client over a telecommunications network, for example over the Internet. In particular, the invention finds application to communication over a telecommunications network employing directory services.
A directory service as provided in a telecommunications network, such as the Internet provides, is a physically distributed repository of data for managing the network. The purpose of the directory service is to locate and identify users and resources in the network. In the same manner as a telephone directory, the information can be classified by user or classification. Information about network components is stored in a distributed manner. The information is replicated in a number of network servers so that a user or service can refer to a local server for the information. Modifications made to the directory information are propagated to the replicated versions. In view of the need for replication, the directory service clearly works best if the information held is relatively static.
FIG. 1 of the accompanying drawings is a simple representation of a typical prior art Internet environment supporting a directory service 10. In this environment, a directory service master 14 including a master directory database 16 is located on a first server 12. Replication 18 is employed to create a replicated version of the directory service master database 16 on each of one or more remote server(s) 20 in one or more directory service slave database(s) 24 of one or more directory service slave(s) 22. The replication mechanism, in order, for example, to replicate a modification of the directory service master database 16 on the directory service slave database(s) 24, uses unsolicited messages between the directory service master 14 and each directory service slave 22. The combination of the directory service master 14 and the directory service slave(s) 22 forms the directory service 10. Only one remote server 20 with one directory service slave 22 and one directory service slave database 24 is shown in FIG. 1 for illustrative purposes and ease of explanation. The replication 18 can be effected under a conventional directory service protocol, for example the Lightweight Directory Access Protocol (LDAP). Information about LDAP can be found, for example, in W Yeong, T Howes, and S. Kille, "Lightweight Directory Access Protocol", RFC 1777, March 1995.
A Directory User Agent (DUA) 28 for a device or application (hereinafter termed an appliance) 26 is able to access the directory service 10 to read information from or to write information to the directory service 10. The DUA 28 forms a directory user client for access to the directory service server(s) 12/20. As shown in FIG. 1, the access is by way of the directory service master 14, although it could equally be by way of a directory service slave 22. It will be appreciated that there will typically be a large number of appliances and DUAs 28 requiring and making access to the directory service 10. Only one appliance 26 and DUA 28 is shown in FIG. 1 for illustrative purposes and ease of explanation only.
Access by the DUA 28 to the directory service 10 is by way of request 30 and response 32 messages under a conventional protocol, for example LDAP. This protocol enables clients to perform protocol operations with respect to servers. A client transmits a protocol request describing the operation to be performed to a server. The server then performs the required operations on the directory and returns one or more responses containing any results or errors to the requesting client.
An aim of the protocol is to minimise the complexity of clients. LDAP is designed to operate over a connection-oriented, reliable transport, with all 8 bits in an octet being significant in the data stream. For example, LDAP can operate over the Transmission Control Protocol (TCP) on the Internet (IP), with LDAP messages mapped directly onto the TCP bytestream.
It is well known that Internet usage is expanding at a phenomenal rate. As well as an ever increasing number of users making access, the type of information transfer which is occurring is changing. While the conventional structure described with reference to FIG. 1 is quite efficient for information which is essentially static, it becomes network intensive when, for example, a DUA 28 needs to poll a variable, for example directory information about a particular user or network resource.
The invention seeks to provide a mechanism, method and system which seeks to eliminate or at least mitigate the problems associated with the conventional directory access mechanisms described above.