User Tools

Site Tools


middleware:ed:services

ED Services

Author Daniel Fisher
Date 2008/08/19

Introduction

Services provide a credentialed identity for external parties to interact with the Enterprise Directory.
This document explains what services are for and why you would want to use them.

Service Creation

In order to get started with services you must request a middleware certificate and register a service.
Instructions for this process can be found at: Requesting ED-ID Service
Take note of what CN you generate in your certificate, as this will become your service identifier.
We recommend choosing an id that represents what your service will be used for.
Choosing names that correspond to server host names or other transient data will make your service less meaningful to administrative staff.

Service Directory Information

A service is a special directory entry that provides access to other data in the directory.
What follows are the service attributes which are of particular importance.
The entire schema can be found here.

ou=Services,dc=vt,dc=edu

uusid

The unique identifier of a service is known as the uusid, which stands for universally unique service identifier.
This attribute contains the unique name of a service.

certficate

This attribute contains the certificate issued to this service by the Middleware CA.

serviceDN

This attribute contains the certificate DNs that currently valid for a particular service.
As a service may have more than (1) valid certificate at any given time, this attribute dictates which of those certificates may be used.

viewablePersonAttribute

This attribute enumerates the ou=People attributes that this service is allowed to view.
Any attribute listed here will be viewable by this service on all person entries.

administrator

This attribute contains the DN of the people who are responsible for administrating the service.
These people are expected to the be the technical staff who deal with integration.

contactPerson

This attribute contains the DN of the people responsible for this service.
These people will receive e-mail concerning this service, including notices concerning service expiration.

expirationDate

This attribute contains the date on which this service will be deleted from the Enterprise Directory.
When a service is created its expiration date is set the same as its certificate expiration date.
Several notification will be sent to the service contact prior to service deletion.

Service Usage

Currently services can be used to query ED-ID or make web service invocations.

middleware/ed/services.txt · Last modified: 2015/06/01 12:02 (external edit)