[Date Prev][Date Next] [Chronological] [Thread] [Top]

Operations error: "modifications require authentication" with OpenLDAP 2.1.x


What's the rationale behind changing the error code returned if a write access to the directory with anonymous bind fails?

In OpenLDAP 2.0.x and any other LDAP server I know of LDAP_INSUFFICIENT_ACCESS is returned if the add or modify operation fails. Some LDAP servers return a nice info field. This separate error code is very handy since the application can catch this particular error and ask the user to (re-)login (very handy e.g. in web2ldap ;-).

But OpenLDAP 2.1.x returns LDAP_OPERATIONS_ERROR with info field saying "modifications require authentication". This is bad since LDAP_OPERATIONS_ERROR can be anything and an application should not rely on the free text info message. With this behaviour the application is not able to guide the user and present a login form.

Ciao, Michael.