| Title: 1.2 - Newtork Layer |
| NavPrev: 1.1-architecture-overview.html |
| NavPrevText: 1.1 - Architecture Overview |
| NavUp: 1-architecture.html |
| NavUpText: 1 - Architecture |
| NavNext: 1.3-directory-service.html |
| NavNextText: 1.3 - DirectoryService |
| Notice: Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| . |
| http://www.apache.org/licenses/LICENSE-2.0 |
| . |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| |
| # 1.2 - Network Layer |
| |
| This layer is the part the user connects to when he wants to obtain some data from the server. This is not a mandatory part of the server : we don't need to use it when the server is embedded. |
| |
| We offer more than just LDAP protocol, the server also include various protocols : |
| |
| * Kerberos |
| * NTP |
| * DHCP |
| * DNS |
| * ChangePassword |
| |
| Not all of them are implemented in the current version, but at least the Kerberos server is available. The other protocols have been developed as a proof of concept : as they are all depending upon a storage database, we have used the LDAP server as a storage. |
| |
| It's perfectly possible to imagine more protocols being implemented in the near future... |
| |
| ## Server startup |
| |
| This chapter title is a bit misleading. We don't start a server, we start a _DirectoryService_, then we start various servers on top of it. |
| The _DirectoryService_ is the part responsible for the management of data (retrieval, storage, etc). All the servers can access this storage if needed. |
| |
| So when the _DirectoryService_ has been started and is operational, we can start the various servers, which will accept incoming requests from remote peers. |
| |
| ### Transports |
| |
| We allow connection through the definition of _transports_. A _Transport_ is a **TCP** or an **UDP** socket capable of absorbing a request and to send a response. Depending on the type of server, we may declare one or more **TCP** _Transports_, or a **TCP** and a **UDP** _Transports_, or an **UDP** _Transport_ only. |
| |
| ### Ldap Server |
| |
| The LDAP server needs one or two **TCP** _Transport_. We have the standard *LDAP* port (defaulting to *10389* for _ApacheDS_, but the well know port is usually 389), and one can also declare the *LDAPS* port (defaulting to *10636* for _ApacheDS_, but the well know port is usually 636). |
| |
| <DIV class="warning" markdown="1"> |
| Note that *LDAPS* is considered as deprecated. |
| </DIV> |
| |
| ### Kerberos Server |
| |
| The Kerberos Server uses one **TCP** _Transport_ (defaulting to *60088*, but the well know port is 88 ) and one **UDP** _transport (same value for both ports). The idea is that the communication starts on **TCP** and continues on **UDP**. |
| |
| ### ChangePassword Server |
| |
| The ChangePassword Server uses one **TCP** _Transport_ and one **UDP** transport, too. The default value is *60464*, but the well known port is *464*. |
| |
| ### Http Server |
| |
| We have a HttpServer running too, it's used for management. The declared ports are both **TCP** port, one is for HTTP and its default value is *8080*, the other one is for HTTPS and its default value is *8443*. |
| |