[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Last call on 'Named Subordinate References in LDAPDirectories'

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Last call on 'Named Subordinate References in LDAPDirectories'
From: Mark Smith <mcs@netscape.com>
Date: Wed, 09 May 2001 15:09:53 -0400
Cc: roland@catalogix.se, ietf-ldapext@netscape.com
Organization: iPlanet E-Commerce Solutions
References: <0104231956560D.00916@t20> <5.1.0.14.0.20010507214101.00aa6ec0@127.0.0.1>

"Kurt D. Zeilenga" wrote:
> 
> At 06:53 PM 5/7/01, Mark C Smith wrote:
> >4) Section 7.2 (Target object considerations), Case 4: I would like to
> >see a detailed algorithm specified that a server SHOULD use to construct
> >the URI value to be returned.  Why?
> 
> I guess some additional text regarding DN rewriting considerations
> would be appropriate.  I would suggest an additional "Other
> Considerations" subsection be added.

That sounds like a good idea to me.

> >I can produce some text based on what
> >was in the expired Christopher Lukas Named Referral" I-D if that would
> >help.  This same comment applies to Case 4 of section 7.3 (Base Object
> >Considerations).
> 
> Suggested text always welcomed.

Actually, I went and looked and no text for this is included in the
older named referral draft that I had in my archive.  I remember
talkingamong the authors about adding it but I guess we never did.  Here
is a rough algorithm for DN rewriting within ref values when dealing
with base objects:

Case A: If the base DN in the ref value is an ancestor of the
operation's base DN:

Step 1) Replace the base DN in the ref value with the one from the
operation.

E.g., if we have this entry on serverA:

	dn: dc=example,dc=com
	dc: example
	ref: ldap://serverB/dc=example,dc=com
	objectClass: referral
	objectClass: extensibleObject

and a search operation arrives at serverA with a base of:

	uid=mcs,ou=people,dc=example,dc=com

then the referral URI that is returned would be:

	ldap://serverB/uid=mcs,ou=people,dc=example,dc=com

Case B: The base DN in the ref value is NOT an ancestor of the
operation's base DN:

Step 1) Start with the operation base DN. Remove the portion on the
right that matches the DN of the entry containing the ref value.

Step 2) Prepend the result of step 1 to the DN that is in the ref value. 

E.g., if we have this entry on serverA:

	dn: dc=aol,dc=com
	dc: aol
	ref: ldap://serverB/dc=aoltimewarner,dc=com
	objectClass: referral
	objectClass: extensibleObject

and a search operation arrives at serverA with a base of:

	uid=mcs,ou=people,dc=aol,dc=com

then Step 1 produces:

	 uid=mcs,ou=people,

and Step 2 produces:

	ldap://serverB/uid=mcs,ou=people,dc=aoltimewarner,dc=com

-Mark Smith
 Netscape

References:
- Re: Last call on 'Named Subordinate References in LDAP Directories'
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: MUST ref (Was: Last call on 'Named Subordinate ReferencesinLDAP Directories')
Next by Date: Business/Employment Opportunity
Index(es):
- Chronological
- Thread