Json2Ldap roadmap

1. LDAP connection pooling

To speed up ldap.connect operations to the default LDAP server support for LDAP connection pooling can be added. This change can be implemented transparently so that client code will not be affected.

2. Web sockets

Web sockets offer the potential to further boost request latency and throughput. Json2Ldap’s JSON-RPC protocol is a natural fit for this transport too.

3. Client X.509 certificate authentication

LDAP servers support various methods for authenticating (binding) clients / users. The most common is the simple bind using a password (see ldap.simpleBind ).

Another useful method for authenticating web clients and users is with X.509 certificates issued by a trusted Certificate Authority (CA). This is currently under investigation and it will probably be implemented through proxied LDAP authentication. Various factors still have to considered, such as choosing an optimal API and configuration.

4. Support of additional LDAP controls

Json2Ldap already implements a number of important LDAP controls such as server-side sort, paging and virtual-list-view. These three should complete the picture:

• Password expiring control: draft-vchu-ldap-pwd-policy.

• Password expired control: draft-vchu-ldap-pwd-policy.