Microsoft turning the LDAP directory into a Graph Database?


Just finished watching Kim Cameron’s talk at the recent Microsoft Professional Developers Conference. A bit of a surprise that talk of WS-* has largely disappeared in favor of much about REST.

But the most interesting part, for me, was at the end, when Gert Drapers (Principal Architect, Identity and Access Platform) gave a demo on future directions for Microsoft’s LDAP directory. Kim called it “two orders of magnitude simpler” (for the developer) than LDAP so far. The secret? Graph traversal!

Here’s a code fragment he showed on screen (I simplified it a bit to make my point):

Party me = directory.GetPartyByIdentityKey( ... );

IEnumerable<Party> managementChain = directory.GetRelatedParties( me, System.Identity.Kinds.Relationship.Manager );

// Find the first manager who is an expense approver
foreach( Party manager in managementChain ) {
    bool isApprover = (
        from roles in manager.ProcessRolesAre
        where roles.KindID == System.Identity.Kinds.ProcessRole.ExpenseApprover
        select roles.Party
    ).Count() >= 1;
    if( isApprover ) {
         ...
    }
}

Here is how we would do it in InfoGrid:

Party me = meshBase.findMeshObjectByIdentifier( ... ).getTypedMeshObjectFacade( IdentitySubjectArea.PARTY );

MeshObjectSet managers = me.traverse( IdentitySubjectArea.ISMANAGEDBY.getSource() );
while( !managers.isEmpty() ) {
    Party manager = managers.getSingleElement().getTypedMeshObjectFacade( IdentitySubjectArea.PARTY );

    if( manager.getIsApprover().value() ) {
        ...
    }
    managers = manager.traverse( IdentitySubjectArea.ISMANAGEDBY.getSource() );
}

There are some minor differences in the API, because it appears that Microsoft’s is a special-purpose graph database with a built-in “directory” schema and a leaky SQL underneath, while InfoGrid’s supports any kind of model (aka schema). InfoGrid can also be run on top of either SQL or NoSQL engines and does not leak SQL. For this example, I made up a hypothetical model called IdentitySubjectArea, but that would be a really easy one to define.
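Both loops above decide who may approve an expense by walking the manager relationship, so the walk has to end even when the directory data is wrong. The following is an added example, not code from the talk or from InfoGrid: a self-contained Java sketch of the same lookup that denies on a cycle, a dangling reference or an ambiguous manager. The `Party` record, the two maps, the `MAX_DEPTH` bound and the sample names are assumptions made for illustration.

```java
import java.util.*;

public class ApproverLookup {
    // Hypothetical stand-in for a directory entry; not an InfoGrid or Microsoft type.
    record Party(String id, boolean isApprover) {}

    static final int MAX_DEPTH = 32; // assumed upper bound on management chain length

    // Walks the "is managed by" edges from start and returns the first expense approver.
    // Returns empty (deny) on a cycle, a missing or ambiguous manager, or too deep a chain.
    static Optional<Party> firstApprover(String start, Map<String, Party> parties,
                                         Map<String, List<String>> managedBy) {
        Set<String> seen = new HashSet<>();
        seen.add(start);
        String current = start;
        for (int depth = 0; depth < MAX_DEPTH; depth++) {
            List<String> managers = managedBy.getOrDefault(current, List.of());
            if (managers.size() != 1) {
                return Optional.empty(); // top of the chain reached, or ambiguous data
            }
            String next = managers.get(0);
            if (!seen.add(next)) {
                return Optional.empty(); // cycle in the management chain
            }
            Party manager = parties.get(next);
            if (manager == null) {
                return Optional.empty(); // edge points at an entry that does not exist
            }
            if (manager.isApprover()) {
                return Optional.of(manager);
            }
            current = next;
        }
        return Optional.empty(); // chain longer than the assumed bound
    }

    public static void main(String[] args) {
        // Constructed sample data: alice -> bob -> carol (approver); dave and erin form a cycle.
        Map<String, Party> parties = Map.of(
            "alice", new Party("alice", false), "bob", new Party("bob", false),
            "carol", new Party("carol", true), "dave", new Party("dave", false),
            "erin", new Party("erin", false));
        Map<String, List<String>> managedBy = Map.of(
            "alice", List.of("bob"), "bob", List.of("carol"),
            "dave", List.of("erin"), "erin", List.of("dave"));
        System.out.println(firstApprover("alice", parties, managedBy));
        System.out.println(firstApprover("dave", parties, managedBy));
    }
}
```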

“Two orders of magnitude better” according to Kim? Of course, the world’s information is clearly structured more like a graph than LDAP and people seem to be getting around to that idea. Perhaps there are some interesting applications for InfoGrid as an enterprise directory … never thought of that one.
