Show Table of Contents
13.4. Sample DIOP Plug-in
To help you understand the DIOP feature, a sample DIOP plug-in is included with Directory Server. This section provides an overview of the sample plug-in and explains how you can use the plug-in to verify whether the DIOP feature works in Directory Server. The preceding section, Section 13.3, “Using the DIOP Feature”, explains how you can use the sample plug-in. The next section, Section 13.4.1, “Debugging the Plug-in”, explains how to troubleshoot the plug-in.
The sample plug-in is located in the
/usr/lib64/dirsrv/plugins/ directory. The shared library for the plug-in is named libtest-plugin.so and is implemented by
testdatainterop.c[.h] testdbinterop.c db.h
located in the same directory.
Note the following:
- The main goal of the sample plug-in is to show how to create a simple plug-in that supports data interoperability.
- The plug-in does not attempt to create any usable functionality to access backends (database or files) but returns observable output uniformly to verify that the functions in the pre-operation plug-in have been accessed and executed for different LDAPoperations.
- The plug-in demonstrates the use of APIs, which meet the requirements of the DIOP feature.
In the following table, the various required elements of the pre-operation plug-in are identified by the function calls used in the
testdatainterop.c (to illustrate the use and simplify understanding).
Table 13.2. Elements of Pre-Operation Plug-in
| Element | Description |
|---|---|
| Description of the Plug-in | #define PLUGIN_NAME "nullsuffix-preop"
static Slapi_PluginDesc plugindesc =
{ PLUGIN_NAME, Red Hat, 7.1, sample pre-operation null suffix plugin }x
|
| Initialization of the Plug-in by the Server | nullsuffix_init( Slapi_PBlock *pb )
In this function, all the callbacks are set up and will be called by the server for each LDAP operation.
|
|
Reserved Naming Contexts
(cn=schema, cn=config, cn=monitor)
|
slapi_op_reserved() is called to determine whether the operation should be handled internally by Directory Server; for example, whether the base on which the operation is applied is a reserved naming context. If returns a non-zero value, the plug-in does not attempt to handle that operation. This is performed by the following code snippet:
if( slapi_op_reserved(pb) ) {
return PLUGIN_OPERATION_IGNORED;
}
Refer to
testdatainterop.c for details.
The slapi_op_reserved() function, which can be used for reserving some of the naming contexts in the Directory Server (
cn=schema,cn=config,cn=monitor), is called first in the database plug-in and then the call for turning off access control.
|
| Sparse Tree Support | Any modifications done to the server on the null suffix are processed by the plug-in. The plug-in writes the DN of all modifications received to a standalone BerkleyDB, and trying a simple test using LDIF entries without the required object classes or parent entries will still get processed by the server, populating the database created by the plug-in. See nullsuffix_modify and testdbinterop.c for details. The plug-in has not been coded for the retrieval of those entries but has been coded to demonstrate sparse tree support only. |
| Access Control | Switching off access control for the operation is done by: slapi_operation_set_flag(op, SLAPI_OP_FLAG_NO_ACCESS_CHECK ); See testdatainterop.c for details. |
| Null Suffix Support | The plug-in cannot control the support for null-suffix in the server. The support for null-suffix is done through configuration modification of the server as shown in Section 13.4, “Sample DIOP Plug-in”. |
| Building the Data Interoperability Plug-in | The compiler used on Solaris is Forte. For example: cd /usr/lib64/dirsrv/plugins gmake libtest-plugin.so is generated. |
|
Flag used for LDAP operation
|
Callback
|
|---|---|
SLAPI_PLUGIN_PRE_SEARCH_FN | nullsuffix_search |
SLAPI_PLUGIN_PRE_ADD_FN | nullsuffix_add |
SLAPI_PLUGIN_PRE_MODIFY_FN | nullsuffix_modify |
SLAPI_PLUGIN_PRE_DELETE_FN | nullsuffix_delete |
SLAPI_PLUGIN_PRE_BIND_FN | nullsuffix_bind |
SLAPI_PLUGIN_PRE_MODRDN_FN | nullsuffix_modrdn |
13.4.1. Debugging the Plug-in
If you need to debug the plug-in installed on a Solaris machine, you can use
dbx:
cd /usr/share/dirsrv/bin/slapd/serversetenv NETSITE_ROOT /usr/share/dirsrvdbx ns-slapdrun -d 65536 -D /usr/lib64/dirsrv/slapd-<diopInstance>- Once the server starts up and error logs show that the server has started, press
Ctrl + C. stop inuser-defined-function-in-the-plugin
Similar steps can be done on other platforms, using the platform-specific debuggers and commands.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.