Introduction to Directory Services Markup Language (DSML)
October 27, 2000
|
Directory Services Markup Language (DSML) is an XML
schema for working with directories. It is designed with
LDAP directories in mind. If you want to access
directories within XML programs, DSML could allow you to
stick with familiar XML syntax and tools instead of
having to use LDAP or proprietary directory-access APIs
such as Microsoft's ADSI. In addition, DSML could give
you one consistent way to work with multiple dissimilar
directories.
|
Directory Services Markup Language (DSML) XMLizes LDAP
Directory Services Markup Language (DSML) is an
XML
schema for working with directories. If you want to access
directories within XML programs, DSML allows you to
stick with familiar XML syntax and tools. DSML is defined using a
Document Content Description
(DCD).
DSML is designed with
Lightweight Directory Access Protocol
(LDAP) directories in mind. LDAP is a TCP-based protocol for
accessing online directory services. The main idea of DSML is to allow
XML programmers to access LDAP-enabled directories without having to
write to the LDAP interface or use proprietary directory-access APIs
such as Microsoft's
Active Directory Service Interfaces (ADSI). In addition, DSML could
give you one consistent way to work with multiple dissimilar
directories.
A typical DSML transaction works as follows: An XML application
formats a query in DSML. The query is transported across an
HTTP
network and received by a DSML service, which
translates the query into LDAP. Via LDAP, the data is retrieved from
the directory and passed back to the DSML service, which formats the
data in DSML and sends it back across the HTTP network to the
application.
Here's a graphical view of the process:
Flash animation (14KB)
Animated GIF (86KB)
Who Needs DSML?
DSML will be of practical use to you only if DSML
interfaces provide the functionality you need. That will
depend partly on whether DSML itself specifies the
required functionality, and partly on whether there is
robust DSML support for the directory or directories your
application needs to access.
Let’s look at these two points one at a time.
The DSML Spec
The DSML spec is still fairly immature: DSML 1.0 was
released in final form at the end of 1999. Work on DSML
2.0 started in earnest in the Fall of 2000. Participants
want to produce an implementable 2.0 spec by Q1 2001.
The biggest limitation of DSML 1.0 is a lack of
support for querying and updating. A query allows a client
to request specific information from a directory, such as
the first name, last name and phone number of all employees
in the Accounting department. An update changes information
in a directory. For instance, it might modify a phone number
or address, delete a record, or add a record.
DSML 1.0 provides a
meta-language for expressing the data model and structure
of a directory in XML. It doesn’t say anything about
how to query or update directories. If you want to do
queries or updates, you’ll have to go outside XML.
Most likely, you’d use LDAP or a proprietary API
like ADSI (Active Directory Services Interfaces).
DSML 2.0 will support querying and updating. Since
most applications that use a directory need to query
and/or update, 2.0 will be the first really useful
version of the spec for most programmers. However, you
could use 1.0, for instance, to implement a bulk
import/export function for directory information.
- Implementations
- Microsoft
- Other Directory Vendors
- Novell
- C and Java Not Required
- Security Considerations
- Conclusion
- What About LDAP?
- Beyond DSML
- DSML: a Common Language
Implementations
|
