I have seen several good articles about LDAP. Anyone who is interested in LDAP but not a master needs to take a look (here LDAP and Directory are counted as a meaning, strictly speaking, directory is the Directory service, and LDAP is the protocol used to access this Directory service. You can understand this by yourself ):
- What is LDAP? Do I need it?
- Do I need LDAP or a database?
- LDAP refining Summary
In essence, LDAP is suitable for hierarchical structures with special emphasis on reading and searching speeds. It does not require a particularly high write speed for data storage. It has several features:
- Ultra-high read Speed
- Relatively static data, such data cannot be updated too frequently, such as storing users' phone numbers (you can't change it)
- Distributed. distributed can have two meanings here. The first is that the data stored in itself can be distributed in multiple places, and the other is to decouple specific data from applications, this will become the basis for single-point login. for example, a company has a lot of applications that require identity verification. Each application should separate authentication and hand it over to a centralized place for verification. Therefore, it is possible to implement Single-point login, this authentication (such as user name, password, and permission) can be decoupled from the application using LDAP.
- Hierarchical Structure: The data has a hierarchical structure, which can be used to indicate the data organization and relationship.
- Object-oriented, the elements in LDAP are object-oriented.
- The standardized mode allows you to define the classes and attributes of stored data.
- Multi-Value Attribute supported
- Supports multiple active copies and allows data mirroring on multiple LDAP servers at the same time
So what do everyone do with LDAP? LDAP is very popular in three aspects:
- For user verification, imagine the pain of designing and verifying the user table structure for each application.
- Used for user authorization
- It is used to store user information, such as name, phone number, address, and hobbies. This information is usually required by every application to share this resource.
Under what circumstances should I use a database instead of LDAP?
- Data changes frequently, such as data in a bank account.
- Data requires strict transaction processing to ensure atomicity and consistency
- Data Writing is as important or more important as reading and searching.