Hello everybody,
I'm glad to announce the addition of a new module for OpenSER called
"LDAP module". This module implements the following features:
* LDAP search function taking an LDAP URL as input
* LDAP result parsing functions to store LDAP data as AVP
* Support for accessing multiple LDAP servers
* LDAP SIMPLE authentication
* LDAP server failover and automatic reconnect
* Configurable LDAP connection and bind timeouts
* Module API for LDAP search operations that can be used by other
OpenSER modules
The module implementation makes use of the open source OpenLDAP library
available on most UNIX/Linux platforms. Besides LDAP server failover and
automatic reconnect, this module can handle multiple LDAP sessions
concurrently allowing to access data stored on different LDAP servers.
Each OpenSER worker process maintains one LDAP TCP connection per
configured LDAP server. This enables parallel execution of LDAP requests
and offloads LDAP concurrency control to the LDAP server(s).
An LDAP search module API is provided that can be used by other OpenSER
modules. A module using this API does not have to implement LDAP
connection management and configuration, while still having access to
the full OpenLDAP API for searching and result handling.
Since LDAP server implementations are optimized for fast read access,
they are a good choice to store SIP provisioning data. Performance tests
have shown that this module achieves lower data access times and higher
call rates than other database modules like e.g. the OpenSER MYSQL module.
Module source code and documentation are available in OpenSER SVN trunk.
The documentation including module installation instructions is also
available in HTML format at:
http://www.openser.org/docs/modules/devel/ldap.html
This module has been in production use for several months at the
University of North Carolina together with OpenLDAP LDAP servers
(slapd). I welcome all to test this module in their environment in order
to improve code quality, feedback is always appreciated.
cheers,
Christian