...
The backend is structured in modules which provide different functionality.
...
LDAP-Module
This module handles all requests against the metadirectory. It bundles requests where needed, caches data to avoid redundant data requests, implements several OpenLdap OpenLDAP server controls and many other things.
A strength of this module is the dynamic building of almost all needed ldap LDAP filters. This allows the developer to use complex ldap LDAP filter constructs even without deeper knowledge in ldap LDAP search filters. If necessary the module also provides many interceptor entry points, where modifications prior or after sending the request to the metadirectory is possible.
PDP-Module
All requests in didmos2 -core Core are going through an authorization authorisation process to check, whether the requestor has sufficient rights for this request. The PDP -Module module is mainly a wrapper around the didmos-rbac RBAC library which is a python implementation of role based access control. The library is capable of managing users, roles, permissions and sessions.
Further information about the didmos-rbac RBAC libary can be found here.
Task-Module
...
This module is not directly part of didmos2 -coreCore. But allows to override almost all functions used inside didmos2 -coreCore. This gives developers the freedom to both, relay on well tested functionality inside the core as well as the flexibility to implement own functions or even full custom endpoints.
Didmos2-core didmos2 Core has a ready to use default configuration which allows to directly start working with didmos2. But since this might not fit for every project, all configuration parameters can be overwritten inside the customer module. This works in addition to your configuration implementation let it be configuration files or the usage of the didmos2-configserver.
...
OpenLDAP as metadirectory
Didmos2-core didmos2 Core is reliant on an openldap OpenLDAP directory server as metadirectory. The backend is highly flexible regarding objectclassesobject classes, structure and attribute naming. Nevertheless some functionality, the backend relies on is provided by openldap-OpenLDAP overlays which are kind of extensions to the default openldap OpenLDAP implementation which makes them necessary for the metadirectory to have them installed.
Configuration
...
parameters
A complete list of all configuration parameters can be found here.