You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by Matt Doran <ma...@papercut.com> on 2011/05/19 10:17:59 UTC
Custom LDAP partition and root/baseless searches
Hi there,
I'm using a *very* basic custom LDAP partition in Apache DS (it's an
older version 1.5.5, because at the time of writing this was the best
version to get a custom LDAP partition working).
We are using this embedded in our product to mimic a "real" LDAP server
for a very specific purpose (mainly around authentication and a very
basic user attribute lookup).
One of the services that is interacting with us now is performing a root
search (I'm not sure if that's the right term). But basically they are
now doing a search without providing an search base DN (i.e. the search
base is empty ""). See the attached image for a part of the wireshark
dump for this search.
The problem we're having is that when we receive this search, the
"search()" method of our custom LDAP partition is not being called. I
haven't been able to find the answer in your docs (probably because I
don't know the terminology to search for :)
So I'm wondering how we can hook into these baseless searches? Is
there a way to set-up the partition so we will be passed these search
requests?
Is there a way to "plug-in" to handle these searches and modify them or
direct them in some way to our custom partition.
Thanks in advance!!!
Matt Doran
Re: Custom LDAP partition and root/baseless searches
Posted by Kiran Ayyagari <ka...@apache.org>.
On Thu, May 19, 2011 at 5:33 PM, Matt Doran <ma...@papercut.com> wrote:
>
>>>>> 'Root' searches are supposed to work well. The way it works is that it
>>>>> looks
>>>>> into all the naming contexts present in the RootDSE entry. I guess that
>>>>> you
>>>>> have such a naming context present, otherwise you would not be able to
>>>>> do
>>>>> any search in your specific partition.
>>>>>
>>>>> It may be a bug in 1.5.5. I suggest you quickly do a test with the
>>>>> latest
>>>>> version (1.5.7) to see if the problem still exists (we fixed a large
>>>>> number
>>>>> of bugs between 1.5.5. and 1.5.7). If the proble still exists, then
>>>>> it's
>>>>> most certainly a bug and deserves a JIRA.
>>>>>
>>>> this was fixed in 1.5.7, and if you migrate to 1.5.7 then it will work.
>>>
>>> Many thanks for your quick responses!!
>>>
>>> When I originally developed this, 1.5.6 was the most recent version. I
>>> tried creating an LDAPPartition on this version but had a number of
>>> problems
>>> (all the samples showed how to implement this for 1.5.5 and there were
>>> some
>>> large API changes under the covers). So I stuck with 1.5.5.
>>>
>>> The following article also seems to still talk about 1.5.5. -
>>>
>>> http://directory.apache.org/apacheds/1.5/61-how-to-write-a-simple-custom-partition-for-apacheds.html
>>>
>>> Are their samples of how to implement a custom partition in 1.5.7? I'd
>>
>> AFAIR there aren't any design changes except some code refactoring to
>> make new partition implementations easy
>> check this
>> http://svn.apache.org/repos/asf/directory/documentation/samples/trunk/embedded-sample/
>>
>
> Thanks again. I'll take a look.
>
> This example shows an embedded server, but not a custom LDAP partition.
> Do you know of any sample code to get this working? (sorry for all the
> questions)
ahh, sorry for that, I just forgot that it is an example for embedding
server, I do not have any example for creating partitions against
1.5.7
but the inbuilt partitions (e.x JdbmPartition, AvlPartition) present
in 1.5.7 source should give you some insight.
>
> Matt
>
>
--
Kiran Ayyagari
Re: Custom LDAP partition and root/baseless searches
Posted by Kiran Ayyagari <ka...@apache.org>.
the setSuffix() method should be called before adding to the service
MyTestLdapPartition partition = new MyTestLdapPartition();
partition.setId("mytest");
partition.setSuffix( "dc=mytest,dc=local" ); // <------ this is required
service.addPartition(partition);
and the setSuffix() method of MyTestLdapPartition should be changed to
set the internal suffix Dn, the implementation can be something like
as shown below
public void setSuffix(String suffix) throws LdapInvalidDnException {
_suffix = suffix;
_suffixDn = new DN( suffix );
}
On Thu, May 19, 2011 at 5:33 PM, Matt Doran <ma...@papercut.com> wrote:
>
>>>>> 'Root' searches are supposed to work well. The way it works is that it
>>>>> looks
>>>>> into all the naming contexts present in the RootDSE entry. I guess that
>>>>> you
>>>>> have such a naming context present, otherwise you would not be able to
>>>>> do
>>>>> any search in your specific partition.
>>>>>
>>>>> It may be a bug in 1.5.5. I suggest you quickly do a test with the
>>>>> latest
>>>>> version (1.5.7) to see if the problem still exists (we fixed a large
>>>>> number
>>>>> of bugs between 1.5.5. and 1.5.7). If the proble still exists, then
>>>>> it's
>>>>> most certainly a bug and deserves a JIRA.
>>>>>
>>>> this was fixed in 1.5.7, and if you migrate to 1.5.7 then it will work.
>>>
>>> Many thanks for your quick responses!!
>>>
>>> When I originally developed this, 1.5.6 was the most recent version. I
>>> tried creating an LDAPPartition on this version but had a number of
>>> problems
>>> (all the samples showed how to implement this for 1.5.5 and there were
>>> some
>>> large API changes under the covers). So I stuck with 1.5.5.
>>>
>>> The following article also seems to still talk about 1.5.5. -
>>>
>>> http://directory.apache.org/apacheds/1.5/61-how-to-write-a-simple-custom-partition-for-apacheds.html
>>>
>>> Are their samples of how to implement a custom partition in 1.5.7? I'd
>>
>> AFAIR there aren't any design changes except some code refactoring to
>> make new partition implementations easy
>> check this
>> http://svn.apache.org/repos/asf/directory/documentation/samples/trunk/embedded-sample/
>>
>
> Thanks again. I'll take a look.
>
> This example shows an embedded server, but not a custom LDAP partition.
> Do you know of any sample code to get this working? (sorry for all the
> questions)
>
> Matt
>
>
--
Kiran Ayyagari
Re: Custom LDAP partition and root/baseless searches
Posted by Matt Doran <ma...@papercut.com>.
>>>> 'Root' searches are supposed to work well. The way it works is that it
>>>> looks
>>>> into all the naming contexts present in the RootDSE entry. I guess that
>>>> you
>>>> have such a naming context present, otherwise you would not be able to do
>>>> any search in your specific partition.
>>>>
>>>> It may be a bug in 1.5.5. I suggest you quickly do a test with the latest
>>>> version (1.5.7) to see if the problem still exists (we fixed a large
>>>> number
>>>> of bugs between 1.5.5. and 1.5.7). If the proble still exists, then it's
>>>> most certainly a bug and deserves a JIRA.
>>>>
>>> this was fixed in 1.5.7, and if you migrate to 1.5.7 then it will work.
>> Many thanks for your quick responses!!
>>
>> When I originally developed this, 1.5.6 was the most recent version. I
>> tried creating an LDAPPartition on this version but had a number of problems
>> (all the samples showed how to implement this for 1.5.5 and there were some
>> large API changes under the covers). So I stuck with 1.5.5.
>>
>> The following article also seems to still talk about 1.5.5. -
>> http://directory.apache.org/apacheds/1.5/61-how-to-write-a-simple-custom-partition-for-apacheds.html
>>
>> Are their samples of how to implement a custom partition in 1.5.7? I'd
> AFAIR there aren't any design changes except some code refactoring to
> make new partition implementations easy
> check this http://svn.apache.org/repos/asf/directory/documentation/samples/trunk/embedded-sample/
>
Thanks again. I'll take a look.
This example shows an embedded server, but not a custom LDAP
partition. Do you know of any sample code to get this working?
(sorry for all the questions)
Matt
Re: Custom LDAP partition and root/baseless searches
Posted by Kiran Ayyagari <ka...@apache.org>.
On Thu, May 19, 2011 at 5:01 PM, Matt Doran <ma...@papercut.com> wrote:
> On 19/05/11 7:22 PM, Kiran Ayyagari wrote:
>>
>> On Thu, May 19, 2011 at 2:11 PM, Emmanuel Lecharny<el...@gmail.com>
>> wrote:
>>>
>>> On 5/19/11 10:17 AM, Matt Doran wrote:
>>>>
>>>> Hi there,
>>>>
>>>> I'm using a *very* basic custom LDAP partition in Apache DS (it's an
>>>> older
>>>> version 1.5.5, because at the time of writing this was the best version
>>>> to
>>>> get a custom LDAP partition working).
>>>>
>>>> We are using this embedded in our product to mimic a "real" LDAP server
>>>> for a very specific purpose (mainly around authentication and a very
>>>> basic
>>>> user attribute lookup).
>>>>
>>>> One of the services that is interacting with us now is performing a root
>>>> search (I'm not sure if that's the right term). But basically they are
>>>> now
>>>> doing a search without providing an search base DN (i.e. the search base
>>>> is
>>>> empty ""). See the attached image for a part of the wireshark dump for
>>>> this
>>>> search.
>>>>
>>>> The problem we're having is that when we receive this search, the
>>>> "search()" method of our custom LDAP partition is not being called. I
>>>> haven't been able to find the answer in your docs (probably because I
>>>> don't
>>>> know the terminology to search for :)
>>>>
>>>> So I'm wondering how we can hook into these baseless searches? Is
>>>> there
>>>> a way to set-up the partition so we will be passed these search
>>>> requests?
>>>>
>>>> Is there a way to "plug-in" to handle these searches and modify them or
>>>> direct them in some way to our custom partition.
>>>
>>> 'Root' searches are supposed to work well. The way it works is that it
>>> looks
>>> into all the naming contexts present in the RootDSE entry. I guess that
>>> you
>>> have such a naming context present, otherwise you would not be able to do
>>> any search in your specific partition.
>>>
>>> It may be a bug in 1.5.5. I suggest you quickly do a test with the latest
>>> version (1.5.7) to see if the problem still exists (we fixed a large
>>> number
>>> of bugs between 1.5.5. and 1.5.7). If the proble still exists, then it's
>>> most certainly a bug and deserves a JIRA.
>>>
>> this was fixed in 1.5.7, and if you migrate to 1.5.7 then it will work.
>
> Many thanks for your quick responses!!
>
> When I originally developed this, 1.5.6 was the most recent version. I
> tried creating an LDAPPartition on this version but had a number of problems
> (all the samples showed how to implement this for 1.5.5 and there were some
> large API changes under the covers). So I stuck with 1.5.5.
>
> The following article also seems to still talk about 1.5.5. -
> http://directory.apache.org/apacheds/1.5/61-how-to-write-a-simple-custom-partition-for-apacheds.html
>
> Are their samples of how to implement a custom partition in 1.5.7? I'd
AFAIR there aren't any design changes except some code refactoring to
make new partition implementations easy
check this http://svn.apache.org/repos/asf/directory/documentation/samples/trunk/embedded-sample/
> love to be able to do a quick verification that the root search is fixed
> before doing a full port.
>
try this commnd (an empty dn hints to perform a root(DSE) search)
ldapsearch -H ldap://localhost:10389 -x -D "uid=admin,ou=system" -W -b
"" -s one -a always -z 1000 "(objectClass=*)" "*"
> Thanks again,
> Matt
>
>
--
Kiran Ayyagari
Re: Custom LDAP partition and root/baseless searches
Posted by Matt Doran <ma...@papercut.com>.
On 19/05/11 7:22 PM, Kiran Ayyagari wrote:
> On Thu, May 19, 2011 at 2:11 PM, Emmanuel Lecharny<el...@gmail.com> wrote:
>> On 5/19/11 10:17 AM, Matt Doran wrote:
>>> Hi there,
>>>
>>> I'm using a *very* basic custom LDAP partition in Apache DS (it's an older
>>> version 1.5.5, because at the time of writing this was the best version to
>>> get a custom LDAP partition working).
>>>
>>> We are using this embedded in our product to mimic a "real" LDAP server
>>> for a very specific purpose (mainly around authentication and a very basic
>>> user attribute lookup).
>>>
>>> One of the services that is interacting with us now is performing a root
>>> search (I'm not sure if that's the right term). But basically they are now
>>> doing a search without providing an search base DN (i.e. the search base is
>>> empty ""). See the attached image for a part of the wireshark dump for this
>>> search.
>>>
>>> The problem we're having is that when we receive this search, the
>>> "search()" method of our custom LDAP partition is not being called. I
>>> haven't been able to find the answer in your docs (probably because I don't
>>> know the terminology to search for :)
>>>
>>> So I'm wondering how we can hook into these baseless searches? Is there
>>> a way to set-up the partition so we will be passed these search requests?
>>>
>>> Is there a way to "plug-in" to handle these searches and modify them or
>>> direct them in some way to our custom partition.
>> 'Root' searches are supposed to work well. The way it works is that it looks
>> into all the naming contexts present in the RootDSE entry. I guess that you
>> have such a naming context present, otherwise you would not be able to do
>> any search in your specific partition.
>>
>> It may be a bug in 1.5.5. I suggest you quickly do a test with the latest
>> version (1.5.7) to see if the problem still exists (we fixed a large number
>> of bugs between 1.5.5. and 1.5.7). If the proble still exists, then it's
>> most certainly a bug and deserves a JIRA.
>>
> this was fixed in 1.5.7, and if you migrate to 1.5.7 then it will work.
Many thanks for your quick responses!!
When I originally developed this, 1.5.6 was the most recent version. I
tried creating an LDAPPartition on this version but had a number of
problems (all the samples showed how to implement this for 1.5.5 and
there were some large API changes under the covers). So I stuck with 1.5.5.
The following article also seems to still talk about 1.5.5. -
http://directory.apache.org/apacheds/1.5/61-how-to-write-a-simple-custom-partition-for-apacheds.html
Are their samples of how to implement a custom partition in 1.5.7?
I'd love to be able to do a quick verification that the root search is
fixed before doing a full port.
Thanks again,
Matt
Re: Custom LDAP partition and root/baseless searches
Posted by Kiran Ayyagari <ka...@apache.org>.
On Thu, May 19, 2011 at 2:11 PM, Emmanuel Lecharny <el...@gmail.com> wrote:
> On 5/19/11 10:17 AM, Matt Doran wrote:
>>
>> Hi there,
>>
>> I'm using a *very* basic custom LDAP partition in Apache DS (it's an older
>> version 1.5.5, because at the time of writing this was the best version to
>> get a custom LDAP partition working).
>>
>> We are using this embedded in our product to mimic a "real" LDAP server
>> for a very specific purpose (mainly around authentication and a very basic
>> user attribute lookup).
>>
>> One of the services that is interacting with us now is performing a root
>> search (I'm not sure if that's the right term). But basically they are now
>> doing a search without providing an search base DN (i.e. the search base is
>> empty ""). See the attached image for a part of the wireshark dump for this
>> search.
>>
>> The problem we're having is that when we receive this search, the
>> "search()" method of our custom LDAP partition is not being called. I
>> haven't been able to find the answer in your docs (probably because I don't
>> know the terminology to search for :)
>>
>> So I'm wondering how we can hook into these baseless searches? Is there
>> a way to set-up the partition so we will be passed these search requests?
>>
>> Is there a way to "plug-in" to handle these searches and modify them or
>> direct them in some way to our custom partition.
>
> 'Root' searches are supposed to work well. The way it works is that it looks
> into all the naming contexts present in the RootDSE entry. I guess that you
> have such a naming context present, otherwise you would not be able to do
> any search in your specific partition.
>
> It may be a bug in 1.5.5. I suggest you quickly do a test with the latest
> version (1.5.7) to see if the problem still exists (we fixed a large number
> of bugs between 1.5.5. and 1.5.7). If the proble still exists, then it's
> most certainly a bug and deserves a JIRA.
>
this was fixed in 1.5.7, and if you migrate to 1.5.7 then it will work.
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>
--
Kiran Ayyagari
Re: Custom LDAP partition and root/baseless searches
Posted by Emmanuel Lecharny <el...@gmail.com>.
On 5/19/11 10:17 AM, Matt Doran wrote:
> Hi there,
>
> I'm using a *very* basic custom LDAP partition in Apache DS (it's an
> older version 1.5.5, because at the time of writing this was the best
> version to get a custom LDAP partition working).
>
> We are using this embedded in our product to mimic a "real" LDAP
> server for a very specific purpose (mainly around authentication and a
> very basic user attribute lookup).
>
> One of the services that is interacting with us now is performing a
> root search (I'm not sure if that's the right term). But basically
> they are now doing a search without providing an search base DN (i.e.
> the search base is empty ""). See the attached image for a part of
> the wireshark dump for this search.
>
> The problem we're having is that when we receive this search, the
> "search()" method of our custom LDAP partition is not being called. I
> haven't been able to find the answer in your docs (probably because I
> don't know the terminology to search for :)
>
> So I'm wondering how we can hook into these baseless searches? Is
> there a way to set-up the partition so we will be passed these search
> requests?
>
> Is there a way to "plug-in" to handle these searches and modify them
> or direct them in some way to our custom partition.
'Root' searches are supposed to work well. The way it works is that it
looks into all the naming contexts present in the RootDSE entry. I guess
that you have such a naming context present, otherwise you would not be
able to do any search in your specific partition.
It may be a bug in 1.5.5. I suggest you quickly do a test with the
latest version (1.5.7) to see if the problem still exists (we fixed a
large number of bugs between 1.5.5. and 1.5.7). If the proble still
exists, then it's most certainly a bug and deserves a JIRA.
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com