Module | Name | Version | License | Source | Languages | Platforms | Type | Author |
---|---|---|---|---|---|---|---|---|
LDAP | Directory by LDAP | 0.6 | GPL2 | bd_LDAP.so | en,uk,ru,de | x86,x86_64,ARM | DB | Roman Savochenko |

Description: BD module. Provides support of directories by LDAP.
The module provides OpenSCADA with support for directories accessed through the Lightweight Directory Access Protocol (LDAP). The module is based on the OpenLDAP library for the C programming language. Because a directory service differs conceptually from a database (DB), the module mostly allows reading and modifying entries, which are represented as table records in DB terms.
Directory service or name service maps the names of network resources to their respective network addresses. It is a shared information infrastructure for locating, managing, administering and organizing everyday items and network resources, which can include volumes, folders, files, printers, users, groups, devices, telephone numbers and other objects. A common use of LDAP is to provide a central place to store usernames and passwords. This allows many different applications and services to connect to the LDAP server to validate users. The protocol provides an interface with directories that follow the 1993 edition of the X.500 model:
The module supports only the operation of opening a database, which here represents a base entry. In terms of the OpenSCADA "DB" subsystem, opening a DB means registering it for further use by the program. The module also supports requesting the list of tables in the database.
An LDAP database (connection) is addressed in the following format: "ldap[s]://{host}[:{port}];bdn[;{adn};{pass}[;{tm}]]", where:
Only the operations of opening and closing a table, which here represents an entry within the base entry, are supported. Elements that have the attribute "ou" (usually of the object class "organizationalUnit") and are contained in the base element are treated as tables.
The API of the "DB" subsystem assumes access to table contents by the values of the key field(s). Thus, requesting a record requires the key columns to be preset in the TConfig object that performs the request. A new record (row) is created by setting the record values that are missing.
Before setting any value, the module loads the current values, compares them, and then sends only the changed ones.
The module currently does not differentiate the attribute types of the elements and treats all of them as strings.
To perform these operations for OpenSCADA nodes, you need to create, load and use the specific schemes of these nodes on the directory server. All known schemes of the OpenSCADA nodes are listed in the following table:
OpenSCADA node | Value of the Organizational Unit "ou" (table name) | Structure | Scheme, auxiliaries mostly |
---|---|---|---|
User | ou=Security_user | NAME, DESCR, LONGDESCR, PASS, LANG, PICTURE | OSCADA-user |
Users group | ou=Security_grp | NAME, DESCR, LONGDESCR, USERS | OSCADA-grp |
A subtree of LDAP entries of the typical tables of users and their groups looks like:
Access rights to the database are determined by the user rights of the connection.
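The connection address described above carries the bind DN and password, and its scheme decides whether they and the entries read (including the PASS attribute under ou=Security_user) travel over TLS. The following Python sketch is an added example, not part of OpenSCADA or of the original page: it parses an address of that format and reports weak settings. It assumes from the field names that "bdn" is the base DN, "adn" and "pass" are the bind DN and password, and "tm" is a timeout, and it uses the standard ports 389/636 when {port} is omitted.

```python
from urllib.parse import urlsplit

def parse_address(addr):
    """Split 'ldap[s]://{host}[:{port}];bdn[;{adn};{pass}[;{tm}]]' into a dict."""
    parts = addr.split(";")
    # bdn is mandatory; adn and pass only appear together; tm only after them.
    if len(parts) not in (2, 4, 5):
        raise ValueError("expected 2, 4 or 5 ';'-separated fields, got %d" % len(parts))
    url = urlsplit(parts[0])
    if url.scheme not in ("ldap", "ldaps") or not url.hostname or not parts[1]:
        raise ValueError("need ldap[s]://host and a non-empty bdn")
    return {
        "tls": url.scheme == "ldaps",
        "host": url.hostname,
        # Assumption: standard LDAP/LDAPS ports when {port} is omitted.
        "port": url.port or (636 if url.scheme == "ldaps" else 389),
        "bdn": parts[1],
        "adn": parts[2] if len(parts) >= 4 else None,
        "pass": parts[3] if len(parts) >= 4 else None,
        "tm": parts[4] if len(parts) == 5 else None,
    }

def audit(addr):
    """Return a list of finding codes for one connection address."""
    c = parse_address(addr)
    findings = []
    if not c["tls"]:
        # Entries such as PASS under ou=Security_user are read over this link.
        findings.append("CLEARTEXT_TRANSPORT")
        if c["pass"]:
            findings.append("PASSWORD_OVER_CLEARTEXT")
    if c["adn"] is None:
        findings.append("ANONYMOUS_BIND")
    elif not c["pass"]:
        # A DN with an empty password is an unauthenticated bind (RFC 4513).
        findings.append("EMPTY_PASSWORD_BIND")
    return findings

# Constructed sample addresses; hosts, DNs and passwords are made up.
SAMPLES = [
    "ldaps://dir.example.org;dc=example,dc=org;cn=scada,dc=example,dc=org;S3cret;10",
    "ldap://dir.example.org:389;dc=example,dc=org;cn=scada,dc=example,dc=org;S3cret",
    "ldap://dir.example.org;dc=example,dc=org",
    "ldaps://dir.example.org;dc=example,dc=org;cn=scada,dc=example,dc=org;",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(audit(s) or ["OK"], s.split(";")[0])
```

A password that itself contains ";" changes the field count and is rejected or misread as "tm", so such an address needs manual review.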
Modules/LDAP/en - GFDL | March 2024 | OpenSCADA 0.9.7 |