Sincerely, Hallett German Alessea Software URL: http://www.alessea.com RSS: http://www.alessea.com/feed.xml mail:hallett.german@xxxxxxxxxxx ---------- -- Attached file included as plaintext by Ecartis -- LDAP: ACCESS & DATA ADMINISTRATION NEWSLETTER 09/04/04 Topics: LDAP Browser Interviews: Introduction and JXplorer Issue Contents: * LDAP Browser Interviews: Introduction * LDAP Browsers Interviews: Chris Betts -- JXplorer * Articles and Comments Welcome _______________________________________________________________ This newsletter is sponsored by Alessea Consulting. Business/IT Services for small and medium businesses. Specializing in network identity, project management, and business development. Visit us and read more about the Alessea difference. URL: http://www.alessea.com RSS: http://www.alessea.com/feed.xml _______________________________________________________________ By Hallett German Topic: LDAP Browser: Interviews Recently, your newsletter staff submitted a series of questions to all known MS Windows developers of LDAP Browser software. (Cygsoft, and CodeMerc were unable to be reached. We would love to include you as well!)These questions concerned product origin, development process, next product release, and more. Answers are printed here without revision except for minor changes. A few editors' notes are added for clarification. You can find the complete list of questions here: http://www.alessea.com/newsletters/questions.txt Topic: LDAP Browser Interviews: Chris Betts -- JXplorer Chris Betts is the creator of JXplorer, which is a powerful LDAP Browser. You can learn more about the product at http://www.pegacat.com/jxplorer/ and more about Chris at http://pegacat.com/cbetts/personal.html The smileys and the subject's enthusiasm below were left intact. Note: JXplorer still ships with Computer Associates eTrust Directory, however the version numbers are artificially synchronized with that product. The next version is therefore '8.1',which is equivalent to open source '3.1b1'. Q1. Why did you decide to create "yet" another LDAP directory browser when so many already exist? A.I started work on JXplorer in 1999 - at that time there were only a few browsers available (open source or not) and all were limited or not user-friendly. The main aim then was to create a schema-aware browser to accompany Computer Associates 'eTrust Directory'. It was only some years later (2002) that I was able to convince them to open source the browser. Q2. What is your process for deciding which features to include in future releases of your browser? Q3.How are these future release features captured? (e.g. User suggestions, employee input, bug tracking software:) Initially (and still to some extent) commercial pressures drive the core features. After that it's what I would enjoy implementing, and what people donate. Someone has just donated GSSAPI/Kerberos support for instance. People do add suggestions to the public SourceForge site, but the fastest way to get the additions you want is to implement them yourself and send me a patch :-). Q4a. Against what "checklist" did you use to see if your browser was LDAP-standard compliant? How do you track changes in the LDAP standard? How much time does your company spend doing this? A. A combination of reading the X.500 & LDAP standards, and a lot of Quality Assurance (QA) and practical interoperability testing with the commercial directory and other directories. The company does a lot of testing every commercial release cycle, and of course there are some automated tests in the nightly build. Q5. Do you plan to continue upgrading the product for the near future? A. Yes, but I'm relying more and more on user submissions, as my commercial work is now focused on web services security. I'm afraid JXplorer development has slowed down a lot since the arrival of the baby... He types very enthusiastically but he doesn't comment his code and his unit tests are rubbish. Q6. What are some of the features to be included in the next major release? A. The next release (3.1) is a relatively minor release; a bunch of bug fixes and some security 'nice to haves' (pre-encrypted passwords, Kerberos, and some SSL enhancements). [Update from Chris: I've put the JXplorer 3.1 release candidate up on sourceforge (sourceforge.net/projects/jxplorer) - if it checks out and there are not serious errors it will become the formal 3.1 release mid September and I'll do the proper install anywhere packages.] Q7. What lesser-known LDAP browser feature would your users might find helpful? A. I find you can do an awful lot with LDIF import/export. You can even use JXplorer to view and edit LDIF files offline which can be useful. I briefly thought of writing searching for offline LDIF files, but then realized the work would be the equivalent of writing my own directory server :-) Q8. Do you plan to add an API so users can customize the product? If you have/had an API, what types of things do/might customers use it for? A. There is already an extensive API for customization - in order of increasing complexity: a) Users can customize the HTML templates or create their own with their own branding. b) Users can change the icons used for displaying different object classes. c) Users can add their own language translation files. d) Users can write their own Java 'attribute editor' code for non- string attributes, keyed to different attribute classes, using a runtime plug-in architecture. (E.g. if you add your own schema attribute class 'CADblueprint' you can write a special purpose pop up editor for just that attribute) e) Users can write their own java 'entry editor' code for arbitrary object classes, using a similar runtime plug-in architecture. f) In theory, the JXplorer architecture is reasonably componentized, and can be extended to other non-LDAP protocols; e.g. LDIF and DSML. Q9. Which LDAP Director Servers have you tested against? A.Primarily our own; Computer Associates' eTrust Directory server. But we also do interoperability testing with Novell, Sun One and Active Directory (Although we tend to have trouble occasionally with Active Directory).I forgot to mention that of course we also test against OpenLdap's Slapd server. Q10. Describe your testing process (e.g. software used, process, tracking, etc) A. We use JUnit for unit testing, a custom LDAP test harness for system testing, manual testing for the GUI, and an in-house process and bug tracking system. The SourceForge bug track and user email lists are used as an adjunct, And good suggestions from those get fed back into the in-house system. Q11. What are some of the extremes that you have tested for (longest search, etc) A. Unfortunately JXplorer has a fairly heavy GUI, so it doesn't work well for large returned data sets. The optional GUI for assembling LDAP filters can create extrenally complex searches, but over a few thousand returned entries and JXplorer really starts to churn... I really should implement paged results :-) In the meantime the emphasis has been usability - although this means we take a massive speed hit by downloading the schema every connection. 12. Was there a question that you wished that was asked? What was the answer that you would had given? A. Who else would you like to thank for helping write this? And the answer of course is primarily Trudi Ersvaer who has done a lot of tricky programming on the code base, Jason Paul who helped with the build system and some dev work, Van Bui for the first cut of a lot of the security work, the hard working QA guys, and all the other open source contributors who have given us code submissions, bug reports, language files and encouragement :-). Topic: Articles and Comments Welcome I welcome 100-800 word articles for inclusion in future issues. Vendors and LDAP data administrators are particularly welcome. Of course, you receive full credit and ownership of your article. Thanks in advance for your help. Please feel free to comment on how useful it was and what you would like to see in the future. Contact me at hallett.german@xxxxxxxxxxxx ______________________________________________________________ About Hal German Hallett German has 20 years experience in a variety of IT positions and in implementing stable infrastructures. This includes directories/messaging architecture, deskstop support, and IT management. Hal is the founder of the Northeast SAS Users Group and former President of the REXX Language Association. He is the author of three books on scripting languages. Periodically, he writes articles on various business and IT topics. ______________________________________________________________ Contacting Hal German/Past Issues Mail: hallett.german@xxxxxxxxxxx Archive of the Identity Management newsletter: http://www.alessea.com/newsletters.htm _______________________________________________________________ Copyright Alessea Consulting 2004 _______________________________________________________________