[Date Prev][Date Next] [Chronological] [Thread] [Top]

[ldapext] CLDAPv3: A slightly different approach

To: ldapext@ietf.org
Subject: [ldapext] CLDAPv3: A slightly different approach
From: Thorild Selen <thorild@Update.UU.SE>
Date: Fri, 21 Feb 2003 23:39:31 +0100
Cc: roland@catalogix.se
In-reply-to: <15954.54666.323549.882235@Tempo.Update.UU.SE>
References: <200302142303.KAA27315@au.padl.com> <5.2.0.9.0.20030214163041.024ce568@127.0.0.1> <15953.15336.830720.986840@Tempo.Update.UU.SE> <3E51599C.6000708@it.su.se> <15953.25644.56942.704051@Tempo.Update.UU.SE> <3E517536.20902@it.su.se> <15954.54666.323549.882235@Tempo.Update.UU.SE>

I've given some more thought to the CLDAPv3 issue. How about a
solution like this?


Basically: A request datagram (client to server) consists of one
single LDAPMessage containing optionally one BindRequest, then any
number of other requests (but see below). A response (server to
client) is one single datagram consisting of a LDAPMessage containing
the results of each of the requests in the request datagram, or an
appropriate error if these won't fit into a single datagram (with
possible exceptions as detailed below).

Any LDAPv3 request is allowed. However:

A datagram sent by the client SHOULD NOT contain any request in
addition to (first) the optional initial bind request and (last) any
other request, unless these additional requests are Extended
Operations that are intended to affect how the server interprets or
processes other requests in the datagram.

A server MUST NOT perform an operation unless it knows that it
eventually will be able to deliver the full result, assuming that both
client and server are still running by then and can still
communicate. If a server decides not to accept an operation on these
grounds, it SHOULD return a "connection required" type of error.

A server MAY perform an operation that, for correct operation, would
require caching of results (as described by Leif Johansson and Roland
Hedberg, or by any other means), but only if both client and server
support such a method, and the client explicitly asks the server to
use it for the operation (using a Control or Extended Operation
request submitted with the request). A server is not required to
support any such method.

A server MAY split the results of one request into several datagrams
only if the client explicitly asks for it (by some Control or Extended
Operation possibly to be defined later; and in this case every
datagram must still be a complete LDAPMessage). Otherwise, the server
MUST return at most one single datagram in response to a single
datagram.

For any request, a server MAY return a "connection required" type of
error.


Again, this is just a quick sketch. Please tell me what you think.

Thorild Selén
Datorföreningen Update / Update Computer Club, Uppsala, SE
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Follow-Ups:
- Re: [ldapext] CLDAPv3: A slightly different approach
  - From: Leif Johansson <leifj@it.su.se>

References:
- Re: [ldapext] CLDAPv3
  - From: Luke Howard <lukeh@PADL.COM>
- Re: [ldapext] CLDAPv3
  - From: Thorild Selen <thorild@Update.UU.SE>
- Re: [ldapext] CLDAPv3
  - From: Leif Johansson <leifj@it.su.se>
- Re: [ldapext] CLDAPv3
  - From: Thorild Selen <thorild@Update.UU.SE>
- Re: [ldapext] CLDAPv3
  - From: Leif Johansson <leifj@it.su.se>
- Re: [ldapext] CLDAPv3
  - From: Thorild Selen <thorild@Update.UU.SE>

Prev by Date: Re: [ldapext] LDAP - password in history
Next by Date: Re: [ldapext] CLDAPv3: A slightly different approach
Index(es):
- Chronological
- Thread