LDAP API 1.0 status

[Emmanuel Lécharny <el...@gmail.com>]

Hi guys,


a quick update on what's going on:  there is not much change in the
current code, beside a few modifications done in the Ldap


- Relaxed the Filter parser to allow spaces to be present when it's not
ambiguous (like '(  &  (...' is now accepted)

- The PersistentSearch codec was buggy

- Added a isSecured() metod in the LdapNetworkConnection class

- Made it so every operation connect to the ldap server if it's not
already connected. This is important for people wanting to apply an
operation over an anonymous connection

- Fixed the TrustmanagerFactory

- Added a LdapNetworkConnection that takes a TrustManager as a
parameter, to allow users to create a SSL connection immediately

- Made ApacheDS working with the API (it was broken for quite some time)


Some effort has been put on teh API documentation - thanks to Shawn for
the proof reading - but there is stilla  lot to do. I'm currently
working on the Security pages
(http://directory.staging.apache.org/api/user-guide/5-ldap-security.html
and the associated pages). My current focus is on SASL, the SSL and
StartTLS pages are complete - well, unless we have something to add ;-)...


Feel free to review them !


TODO before 1.0 :

We need to improve the Trustmanagerfactory to check the server's
certificate by default, currently we don't check anything, this is not
good. Stefan already mailed about the issue.


Many thanks !


-- 
Emmanuel Lecharny

Symas.com
directory.apache.org

Re: LDAP API 1.0 status

[Radovan Semancik <ra...@evolveum.com>]

Hi,

This looks like a nice development. Thanks. I'll test it with my 
multi-LDAP testbed. But it will take a week or two until I get to that.

-- 
Radovan Semancik
Software Architect
evolveum.com



On 01/23/2017 10:23 AM, Emmanuel Lécharny wrote:
> Hi guys,
>
>
> a quick update on what's going on:  there is not much change in the
> current code, beside a few modifications done in the Ldap
>
>
> - Relaxed the Filter parser to allow spaces to be present when it's not
> ambiguous (like '(  &  (...' is now accepted)
>
> - The PersistentSearch codec was buggy
>
> - Added a isSecured() metod in the LdapNetworkConnection class
>
> - Made it so every operation connect to the ldap server if it's not
> already connected. This is important for people wanting to apply an
> operation over an anonymous connection
>
> - Fixed the TrustmanagerFactory
>
> - Added a LdapNetworkConnection that takes a TrustManager as a
> parameter, to allow users to create a SSL connection immediately
>
> - Made ApacheDS working with the API (it was broken for quite some time)
>
>
> Some effort has been put on teh API documentation - thanks to Shawn for
> the proof reading - but there is stilla  lot to do. I'm currently
> working on the Security pages
> (http://directory.staging.apache.org/api/user-guide/5-ldap-security.html
> and the associated pages). My current focus is on SASL, the SSL and
> StartTLS pages are complete - well, unless we have something to add ;-)...
>
>
> Feel free to review them !
>
>
> TODO before 1.0 :
>
> We need to improve the Trustmanagerfactory to check the server's
> certificate by default, currently we don't check anything, this is not
> good. Stefan already mailed about the issue.
>
>
> Many thanks !
>
>

Re: LDAP API 1.0 status

[Shawn McKinney <sm...@apache.org>]

> On Jan 23, 2017, at 3:23 AM, Emmanuel Lécharny <el...@gmail.com> wrote:
> 
> Some effort has been put on teh API documentation - thanks to Shawn for
> the proof reading - but there is stilla  lot to do. I'm currently
> working on the Security pages
> (http://directory.staging.apache.org/api/user-guide/5-ldap-security.html
> and the associated pages). My current focus is on SASL, the SSL and
> StartTLS pages are complete - well, unless we have something to add ;-)...
> 
> 
> Feel free to review them !

Out of town this week but will try to get to making another pass next week.