sponsor: Jon Keller (jmkeller@tivoli.com)
This document describes an idea for a senior project team to create a tool which will query a Lightweight Directory Access Protocol (LDAP) server for information about users, and provide this information to a Workflow Server currently being developed by Tivoli. This project is great because it provides students with the opportunity to do both low-level network protocol implementation programming as well as high-level programming implementing and using objects.
LDAP is a network protocol (like HTTP, FTP, etc.) which is used in a client/server environment to keep track of objects that live in some hierarchy. The objects usually represent people, but this is more of a custom than a requirement. An LDAP client can query the LDAP server for one or more objects at a particular location within the hierarchy. The client can also request that only some subset of the attributes of the described objects be returned by the server.
Tivoli is currently developing a Workflow Server and various associated client applications. These allow for the designing of Business Processes (i.e. upgrade an employee’s computer). Business Processes are composed of Activities (i.e. approve purchase, order hardware, assemble hardware, install software, dispose of employee’s old computer). Each Activity may be performed by one or more Participants, who may be identified by name, by role (i.e. manager, IT technician, shipping dock receiver, etc.), or by group. The Workflow Server will then manage the Business Processes, presenting the tasks to be done to the appropriate Participants at the appropriate times via an email-like inbox.
The Workflow Server therefore needs to be able to find out which Participants exist, so it can decide who to assign work to. For the purpose of easy customization, the functionality for providing Participant information to the Workflow Server will exist in an object called an IntegrationModule.
Participant objects will contain attributes such as name, user id, password, group(s) and role(s), along with appropriate methods to read and write the values of these attributes.
The team will create an object that functions as an LDAP client and implements the IntegrationModule C++ interface. The Workflow Server will ask this object for Participant information, the object will then in turn ask an LDAP Server for this information, transform it if necessary, and return the information to the Workflow Server in the form of a sequence of Participant objects.
More specifically, this IntegrationModule will provide methods to the WorkflowServer which will perform operations such as: return the name of the IntegrationModule, return the version of the IntegrationModule, return a boolean value indicating whether the IntegrationModule can provide Participants to the Workflow Server (since there are several other types of IntegrationModules), return a boolean value indicating whether the IntegrationModule can provide Group information to the Workflow Server, return a boolean value indicating whether the IntegrationModule can provide Role information to the Workflow Server, return boolean values indicating whether the IntegrationModule is of one of the other types of IntegrationModules, return a Participant who meets a particular set of criteria, return a sequence of Participants who meet a particular set of criteria, create a Participant, authenticate a Participant who is attempting to log in to an application which is a client of the Workflow Server, return a sequence of the Roles provided, create a new Role, return a sequence of the Groups provided, create a new Group.
· Object Oriented Analysis
· Object Oriented Design
· Object Oriented Programming in C++
· Network protocol implementation
· TCP/IP socket programming (since LDAP sits on top of TCP/IP)
· LDAP protocol specification
· Writing Dynamic Libraries
· Development of cross-platform code (NT + various UNIXes)
· The opportunity to gain a fundamental understanding of LDAP.
· The opportunity to interact with experienced C++ developers to hone programming skills towards the professional level.
We will have a tool that allows us to utilize any LDAP server as a provider of Participants to our Workflow Server. LDAP servers are widely available and are becoming more popular as time goes by. Integration with them will require our customers to reenter and store less duplicate data.
· Specification of interfaces of Participant, IntegrationModule, Group, and Role interfaces, which will be forthcoming from Tivoli Developers.
· C++ compiler.
· LDAP protocol documentation. Useful starting points are:
· http://www.umich.edu/~dirsvcs/ldap/doc/
· http://www.critical-angle.com/ldapworld/ldapfaq.html
This project will be found quite beneficial to both the college senior team members and Tivoli. The team members will gain valuable experience using in-demand skills in C++, low-level network protocol implementation, as well as the cutting-edge technology that is LDAP. Tivoli will realize greater integration potential with customers’ existing applications, at a greatly reduced development cost.