[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] Complex knowledge information

To: Jim Sermersheim <jimse@novell.com>
Subject: Re: [ldapext] Complex knowledge information
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Fri, 7 May 2004 23:08:05 +0200
Cc: ldapext@ietf.org
In-reply-to: <s0871e6c.019@sinclair.provo.novell.com>
References: <s0871e6c.019@sinclair.provo.novell.com>

Jim Sermersheim writes:
>>>>Hallvard B Furuseth <h.b.furuseth@usit.uio.no> 4/21/04 3:17:17 PM >>>
>>Jim Sermersheim writes:
>>> 1) What is the preferred way to represent this type of auxiliary
>>> knowledge information in the directory?
>>> 2) What is the preferred way to represent this type of auxiliary
>>> knowledge information in operations returning a referral (or
>>> searchResultReference)?
>>
>> (...)
>>> (relying on the LDAP URL extensions means a similar mechanism must be
>>> defined for future URI types).
>>
>> Or the syntaxes of referral and continuation references in the protocol
>> could be extended to e.g. 'URI [SPACE <extra information>]', if the
>> client has sent an extended request which solicits this.
>
> I'm thinking that might cause some unwanted effects on existing clients
> which only expect a valid URI.

No.  As I said, it would only be sent if solicited.

>> Similarly, maybe the 'ref' attribute could be extended to use the label
>> part of 'labeledURI'. That would probably refer to something local to
>> the server, though, so I'm not sure if it would be practical to make the
>> label part of the referral protocol field identical to the label part of
>> the 'ref' attribute.
>
> Yeah, this would have to be coupled with the solution above right?

Not necessarily, though it could be confusing to do it differently.  The
server could move the info from the attribute to a control or whatever.
It solves the problem of what to do if you have two ref attributes in
one entry, and they need different extra information.

> What
> do you mean when you say it would refer to something local to the
> server? It could potentially contain anything, right (a reference to
> something, raw data, a mathematical formula, a SAML assertion, etc).

True.  But I had the impression that you were referring to data held
elsewhere in the server, which would be sent in addition to the LDAPURL.

> Thanks for the feedback so far. Do you think it would help if I
> illustrated some extreme examples of storing stuff on values of the ref
> attribute, and contrast that with returning that same kind of stuff in a
> control, and further contrast those with returning small (reference
> data) which would force the client to make a subsequent read?

Yes, quite useful.

-- 
Hallvard

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Prev by Date: Re: [ldapext] ManageDsaIT control vs. parent referral objects
Next by Date: SIZE DOES MATTER, DON'T DENY!
Index(es):
- Chronological
- Thread