A method of searching LDAP directories using XQuery

Ted Hesselroth
Ted Hesselroth
17 May 2010, 16:10
29 Nov 2010, 10:00
29 Nov 2010, 10:00
  • Public document
A method by which an LDAP directory can be searched using XQuery is described. Examples are given of application of the tool in the Open Science Grid, which for discovery purposes operates an LDAP server that contains Glue schema-based information on site configuration and authorization policies. Pre-written XQuery scripts are provided for common searches, such as determining a resource's operating system version and job submission or data access endpoints. The XQuery scripts compactly replace hundreds of lines of custom python code that relied on the unix ldapsearch utility. Furthermore, the use of XQuery or XPath enables integration with modern enterprise service bus frameworks such as Mule or XAware and will allow a more seamless transition to future XML-based discovery sources. The strategy behind the tool consists of four steps. First the XQuery script is examined and relevant XPath expressions are extracted, determined to be sufficient to define all information needed to perform the query. Then the XPath expressions are converted into their equivalent LDAP search filters by use of the published LDAP schema of the service, and search requests are made to the LDAP host. The search results are then merged and converted to an XML document that conforms to the hierarchy of the LDAP schema. Finally, the XQuery script is executed on the working XML document by conventional means. Installation of the tool is available through the Virtual Data Toolkit.
CHEP 2010 held from 18 Oct 2010 to 22 Oct 2010 in Taipei, Taiwan
