Proxy transformations are used to rewrite requests and responses as they pass through the Directory Proxy Server. Proxy data transformations are helpful for clients that use an old schema or that contain a hard-coded schema.
Proxy transformations can provide DN and attribute mapping altering both requests to the server
as well as responses from the server. For example, a client sends a request to
o=example.com even though the directory server handling the request uses
dc=example,dc=com. The Directory Proxy Server can transparently
remap the request so that the server can process it, and map it back to the original DN of the
client request when the value is returned. Or if a client tries to use the attribute
userID
, the Directory Proxy Server can map it to uid
before sending the request on to the backend LDAP server. The Directory Proxy Server then
remaps the response to userID
when the value is returned.
The Directory Proxy Server also includes a proxy transformation that can be used to suppress a specified attribute, so that it will never be returned to clients. It can also cause the server to reject requests which target that particular attribute. Another proxy transformation can be used to prevent entries that match a given search filter from being returned to clients.
For information about configuring proxy transformations, see Configuring Proxy Transformations on page 70.