[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Referral chasing mistery



At 08:35 PM 3/22/01 +0100, Stig Venaas wrote:
>On Thu, Mar 22, 2001 at 07:30:43PM +0000, Konstantin Chuguev wrote:
>> I see. I thought that if it is possible to use the URL form both with and
>> without "/" after the ldap://[host], then ldap://[host] means "same base"
>> while ldap://[host]/ means "root base". Nothing in the standard actually says
>> that, and nothing explains the difference between the two forms :-(
>> And nothing allows to use referrals to root naming contexts with the base
>> scope then. Which is no good!
>> Is there any way to save the standard-conformant clients of choking in such
>> cases? Bet they are not common but still...
>
>I agree, it would be nice to distinguish the two.

  ldap://host
  ldap://host/
  ldap://host/?
  ...

all specify an empty DN string.  The implications upon LDAPv3
referral chasing (but not continuation chasing) is that the DN
of an request which solicited the referral shall be used in
continuing the operation.

With LDAPv2+, of course, the client cannot distinguish the
difference between a search referral and a search continuation
reference.  But that's another matter.

>The spec isn't quite
>clear, but I don't think you can. Perhaps the spec could be made a bit
>clearer as part of the bis-work. I hope Kurt can comment, perhaps should
>ask about this on the bis-list?

I believe the revised URL I-D (a work in progress):
  http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-url-00.txt

clarifies this issue.  If it doesn't, please comment on
the LDAPbis mailing list.

>Perhaps the semantics for referral and
>reference should be the same.

Perhaps, but I don't anyone is willing to consider such a
change now.

>In my opinion you should never (at least not when you might be refered
>to) have empty base though.

Given that an empty DN is a DSA-specific entry, I concur.