
Re: [Repost] JDNI Authentication



Thanks for the response Kurt...

Here's what I get with logging set to level 4:

slapd starting
connection_get(10)
==> bdb_bind: dn: cn=Manager,dc=careerfish,dc=com
send_ldap_result: err=0 matched="" text=""
connection_get(10)
SRCH "uid=ross,ou=people,dc=careerfish,dc=com" 0 3 0 0 0
filter: (objectClass=*)
attrs: userPassword
base_candidates: base: "uid=ross,ou=people,dc=careerfish,dc=com" (0x00000008)
send_ldap_result: err=0 matched="" text=""
connection_get(10)
SRCH "ou=groups,dc=careerfish,dc=com" 1 3 0 0 0
filter: (?=undefined)
attrs: cn
bdb_idl_fetch_key: *


bdb_idl_fetch_key: %ou=groups,dc=careerfish,dc=com
send_ldap_result: err=0 matched="" text=""

And with -d 32:
begin get_filter
PRESENT
end get_filter 0
=> test_filter
   PRESENT
<= test_filter 6
begin get_filter
EQUALITY
get_ava: unknown attributeType \28uniqueMember
end get_filter 0
=> bdb_filter_candidates
       EQUALITY
<= bdb_filter_candidates: id=0 first=0 last=0
=> bdb_filter_candidates
       AND
=> bdb_list_candidates 0xa0
=> bdb_filter_candidates
<= bdb_filter_candidates: id=0 first=0 last=0
<= bdb_list_candidates: id=0 first=9 last=0
<= bdb_filter_candidates: id=0 first=9 last=0

and finally -d 256 (which I think is what you meant by Stats):


slapd starting
conn=0 fd=10 ACCEPT from IP=127.0.0.1:33218 (IP=0.0.0.0:389)
conn=0 op=0 BIND dn="cn=Manager,dc=careerfish,dc=com" method=128
conn=0 op=0 BIND dn="cn=Manager,dc=careerfish,dc=com" mech=SIMPLE ssf=0
conn=0 op=0 RESULT tag=97 err=0 text=
conn=0 op=1 SRCH base="uid=ross,ou=people,dc=careerfish,dc=com" scope=0 deref=3 filter="(objectClass=*)"
conn=0 op=1 SRCH attr=userPassword
conn=0 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=0 op=2 SRCH base="ou=groups,dc=careerfish,dc=com" scope=1 deref=3 filter="(?=undefined)"
conn=0 op=2 SRCH attr=cn
conn=0 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=


What's up with that filter="(?=undefined)"? Is that the issue?

Ross
Kurt D. Zeilenga wrote:

At 05:33 PM 10/11/2004, Ross Rankin wrote:


The OS is Fedora Core 2 and I'm using OpenLDAP 2.2.17. The difference between the two boxes is the OS version, Red Hat 9 versus Fedora, and OpenLDAP 2.1 on the older box.


Okay, the boxes do differ significantly. So you can set aside your assumption that they should behave the same.



Actually, if I do an ldapsearch for cn=user, it works fine. I am not sure what to use to replicate the lookup that JNDI is using.
I thought there might be something telling and obvious that I was missing in the trace or in the config files... If there is another type of search I can do to try to replicate the issue, please let me know and I'll run it. Anyone out there using Java/JNDI?



First, let me be clear that you need to separate questions
specific to Tomcat/JNDI from questions specific to OpenLDAP
Software. Discussions specific to Tomcat/JNDI, such as
    why doesn't my Tomcat/JNDI configuration work as I expect?
    why is Tomcat/JNDI doing X?
    why is Tomcat/JNDI expecting Y?
are simply off-topic here and hence should be taken elsewhere.
However, asking questions such as:
    what operation(s) do these logs indicate the client issued to
    the slapd(8)?
    how do I use ldapsearch(1) (or other OpenLDAP client tool) to
    issue a particular operation?
    slapd(8) responded to a particular ldapsearch(1) command
    in a manner I didn't expect (detail expected and
    actual behavior), why?


In regards to the log information you provided, I'm unable to
determine the particulars of the operation issued.  I suggest
you enable some additional logging, such as STATS.  See slapd(8)
for details.

Kurt
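
An added example, not part of the original messages and not OpenLDAP code: slapd logs filter="(?=undefined)" when it could not evaluate a filter component, which matches the "unknown attributeType \28uniqueMember" line in the -d 32 trace. The Python below pairs the stats-level SRCH and SEARCH RESULT lines by conn/op, flags searches logged with that filter, and rebuilds ldapsearch(1) arguments for a logged search. The sample log is constructed from the lines quoted above, and all function names are hypothetical.

```python
import re

# Constructed sample, modelled on the -d 256 (stats) lines quoted in the thread.
SAMPLE_LOG = """\
conn=0 op=0 BIND dn="cn=Manager,dc=careerfish,dc=com" method=128
conn=0 op=0 RESULT tag=97 err=0 text=
conn=0 op=1 SRCH base="uid=ross,ou=people,dc=careerfish,dc=com" scope=0 deref=3 filter="(objectClass=*)"
conn=0 op=1 SRCH attr=userPassword
conn=0 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=0 op=2 SRCH base="ou=groups,dc=careerfish,dc=com" scope=1 deref=3 filter="(?=undefined)"
conn=0 op=2 SRCH attr=cn
conn=0 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
"""

OP = re.compile(r'conn=(\d+) op=(\d+) (.*)')  # search() tolerates syslog prefixes
SRCH = re.compile(r'SRCH base="([^"]*)" scope=(\d+) deref=(\d+) filter="(.*)"$')
RESULT = re.compile(r'SEARCH RESULT tag=\d+ err=(\d+) nentries=(\d+)')
SCOPES = {"0": "base", "1": "one", "2": "sub"}
DEREF = {"0": "never", "1": "search", "2": "find", "3": "always"}

def parse_searches(log_text):
    """Correlate SRCH, SRCH attr and SEARCH RESULT lines by (conn, op)."""
    ops = {}
    for line in log_text.splitlines():
        m = OP.search(line)
        if not m:
            continue
        key, rest = (int(m.group(1)), int(m.group(2))), m.group(3)
        if (s := SRCH.match(rest)):
            ops[key] = {"base": s.group(1), "scope": SCOPES[s.group(2)],
                        "deref": DEREF[s.group(3)], "filter": s.group(4), "attrs": []}
        elif rest.startswith("SRCH attr=") and key in ops:
            ops[key]["attrs"] = rest[len("SRCH attr="):].split()
        elif (r := RESULT.match(rest)) and key in ops:
            ops[key]["err"], ops[key]["nentries"] = int(r.group(1)), int(r.group(2))
    return ops

def undefined_filter_searches(ops):
    """Searches that slapd logged with an unevaluable '(?=undefined)' component."""
    return {k: v for k, v in ops.items() if "(?=undefined)" in v["filter"]}

def as_ldapsearch(op):
    """ldapsearch(1) argv for a logged search; the client's original undefined filter is not in the log."""
    return ["ldapsearch", "-x", "-b", op["base"], "-s", op["scope"],
            "-a", op["deref"], op["filter"], *op["attrs"]]

if __name__ == "__main__":
    for key, op in undefined_filter_searches(parse_searches(SAMPLE_LOG)).items():
        print(key, op["base"], op["filter"], "nentries=%d" % op["nentries"])
```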