About Request Handling
DS servers listen for client requests using connection handlers. A connection handler interacts with client applications, accepting connections, reading requests, and sending responses. Most connection handlers expose configurable listen ports with security settings. The security settings point to other configuration objects, so two connection handlers can share the same certificate and private key, for example.
DS servers use different ports for different protocols. For example, a directory server might listen on port 389
for LDAP requests, port 443
for HTTPS requests, and port 4444
for administration requests from server configuration tools. Because DS servers use a different connection handler for each port, DS servers have several connection handlers enabled.
The setup command lets you initially configure connection handlers for LDAP or LDAPS, HTTP or HTTPS, and administrative traffic. The dsconfig command offers full access to all connection handler configurations.
When a client application opens a secure connection to a server, the JVM has responsibility for transport layer security negotiations. You can configure how connection handlers access keys required during the negotiations. You can also configure which clients on the network are allowed to use the connection handler. For details, see "Connection Handler".
Connection handlers receive incoming requests, and pass them along for processing by the core server subsystem.
For example, an LDAP connection handler enqueues requests to the core server, which in turn requests data from the appropriate backend as necessary. For more information about backends, see Data Storage. The core server returns the LDAP response.
An HTTP connection handler translates each request to LDAP. Internally, the core server subsystem processes the resulting LDAP requests.
DS servers support other types of connection handlers. For example, JMX and SNMP connection handlers support monitoring applications. A special LDIF connection handler consumes LDIF files.
When deploying a server, decide which listen ports to expose over which networks. Determine how you want to secure the connections, as described in Secure Connections.