RE: debugging

[Tim Mooney <Tim.Mooney@ndsu.edu>]

In regard to: RE: debugging, Quanah Gibson-Mount said (at 11:13am on May...:

> --On Wednesday, May 13, 2015 6:24 PM +0000 Craig White 
> <CWhite@skytouchtechnology.com> wrote:
>
> > The above log line clearly indicates the client issued a search using a
> > base of cn=accesslog.  This would be a bug in the java code. ----
> > Thanks - that was valuable. Despite all configuration to JNDI which says
> > where to search, the application is choosing to search 'cn=accesslog' -
> > that was we needed to know.
>
> Using JNDI for LDAP is a very, very bad idea.

On this, I'll take your word and Howard's second as "gospel".

For my own edification and possibly the benefit of the archives, though,
can you go into the reasons *why* it's a bad idea?  I'm not a Java
developer but I have some down the hall from me, so I would like to be
able to back up "it's a very, very bad idea" with more than just "because
Quanah and Howard say so".  That's enough for me, but not for some.

Our Java developers are apparently using something called "ldaptive"
from Virginia Tech, which defaults to using JNDI but can actually sit
on top of the Unbound ID SDK or possibly others.

Tim
--
Tim Mooney                                             Tim.Mooney@ndsu.edu
Enterprise Computing & Infrastructure                  701-231-1076 (Voice)
Room 242-J6, Quentin Burdick Building                  701-231-8541 (Fax)
North Dakota State University, Fargo, ND 58105-5164