[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: searching multiple backends



> >It occurs to me that I can add this
> >functionality by writing a new "glue" backend.
>
> I've actually hoping somebody would write an LDAP backend...
> A server with an LDAP backend would act as a proxy to other
> LDAP servers (or itself).
>
> Kurt
>
Ok.... That could work, but a general LDAP backend opens up a big can of
worms re: no equivalent to X.500 chaining arguments. Problems with loop
detection, all kinds of authentication ambiguities, etc... Maybe not
unsolvable, but it'll be ugly. An anonymous, search-only backend could be
put together pretty quickly.

> I don't think it's broken, per say, as the specification allows
> our current approach.  However, there are likely other approaches
> worth considering.

(Quoted from a different reply.) Obviously I would prefer a different
approach! There is a common "good coding" guideline that says any function
should have only one entry point and one exit. One could extend this view to
a client-server architecture and say that any request should only generate
results in one place. It's perhaps a flimsy argument, but it would clean
things up somewhat if send_ldap_result() weren't scattered so profusely
throughout the source, and would make code modifications easier to keep
consistent.