[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Referral behaviour: LDAP_RES_SEARCH_REFERENCE

To: "'Tomas Orti'" <tom65@tid.es>, openldap-software@OpenLDAP.org
Subject: RE: Referral behaviour: LDAP_RES_SEARCH_REFERENCE
From: Tomas Orti <tom65@tid.es>
Date: Wed, 16 Feb 2005 11:39:15 +0100
Importance: Normal
In-reply-to: <001901c5100c$1f80bdb0$d11ba8c0@tndes210>

Hi Tomas.
This is Tomas, too.
Having tested different situations and etherealed them,
and having read carefully section 4.5.3 of RFC2251
(paying special attention to the 'may' and 'MUST NOT' in the first
paragraph),
it seems that OpenLDAP respects the standard in that concrete situation.

The point is that, as you stated, it would be more common sense,
to follow what the example in section 4.5.3.1 is doing,
but OpenLDAP in this case is moving away from the spec.,
even though, it is not breaking it.

As long as the server holds the base object for the search of
dc=subtree,dc=example,dc=com,
and that entry holds the referral:
ldap://b.example.net/dc=subtree,dc=example,dc=com,
it would be more reasonable, to return it in a SearchResultReference,
instead of in a SearchResultDone with a referral enclosed, like is doing
OpenLDAP,
for this case.

Cheers,
Tomas

---------------------------------------
Tomás Ortí Martín
TELENIUM
C/ Agustín de Foxá, 25 - 28036 MADRID
Teléfono: 91 315 85 62 - Ext. 252
Fax: 91 315 63 37
Mail: tomasorti@telenium.es
Web: www.telenium.es
---------------------------------------


> -----Mensaje original-----
> De: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]En nombre de Tomas Orti
> Enviado el: viernes, 11 de febrero de 2005 8:34
> Para: openldap-software@OpenLDAP.org
> Asunto: Referral behaviour: LDAP_RES_SEARCH_REFERENCE
>
>
> Hi everyone.
> I'm testing the way 'referrals' are returned by the API,
> but I'm a bit confused about it:
>
> I have these on my slapd.conf on the server side:
> (just as it is stated in the manual in section 12. Constructing a
> Distributed Directory Service)
>
> 	referral	ldap://root.openldap.org
>
> 	...
>
> 	dn: dc=subtree,dc=example,dc=com
> 	objectclass: referral
> 	objectclass: extensibleObject
> 	dc: subtree
> 	ref: ldap://b.example.net/dc=subtree,dc=example,dc=com
>
>
> When I ldapsearched examples for them, and debugged, got SearchResults
> (LDAP_RES_SEARCH_RESULT)
> for both, that is the equivalent of SearchResultDone of RFC2251.
> This is quite confusing (an may be non standard?), because
> the common sense
> of doing it, it would be to receive a SearchResultReference
> (LDAP_RES_SEARCH_REFERENCE) for a search request of
> dc=subtree,dc=example,dc=com, and a SearchResultDone
> (LDAP_RES_SEARCH_RESULT) with a referral, when the server
> does not hold the
> base object for the search,
> just as it is stated in 4.5.3 and 4.5.3.1 of RFC2251.
>
> If this is the behavior, then, what is the
> LDAP_RES_SEARCH_REFERENCE used
> for?
>
> Thanks in advance,
> Tomas.
>
> ---------------------------------------
> Tomás Ortí Martín
> TELENIUM
> C/ Agustín de Foxá, 25 - 28036 MADRID
> Teléfono: 91 315 85 62 - Ext. 252
> Fax: 91 315 63 37
> Mail: tomasorti@telenium.es
> Web: www.telenium.es
> ---------------------------------------
>

References:
- Referral behaviour: LDAP_RES_SEARCH_REFERENCE
  - From: Tomas Orti <tom65@tid.es>

Prev by Date: AW: LDAP Master with 2 replicated Server how to config
Next by Date: sasl and tls?
Index(es):
- Chronological
- Thread