You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by Emmanuel Lecharny <el...@gmail.com> on 2008/04/02 00:52:47 UTC

Removing non-existent values from an attribute

Hi Howard,

I'm just wondering why OpenLdap returns a noSuchAttribute when we try to 
delete a non-existent value from an existent attribute...

The 4511 RFCs says nothing about this specific case, even if the 
noSuchAttribute error code says :
"Indicates that the named entry does not contain the specified attribute 
or attribute value."

We currently don't returns an error, based on the fact that removing a 
non-existent value does not break the server, and will always be 
successfull, as the value will be removed (well, as it does not exist :).

Should we change ADS to generate an error or not ? Does Kurt said 
something specific about this case? I didn't found anything related on 
google...

Thanks !

-- 
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org

Re: Removing non-existent values from an attribute

Posted by Howard Chu <hy...@symas.com>.

Emmanuel Lecharny wrote:
> Hi Howard,
>
> I'm just wondering why OpenLdap returns a noSuchAttribute when we try to
> delete a non-existent value from an existent attribute...
>
> The 4511 RFCs says nothing about this specific case, even if the
> noSuchAttribute error code says :
> "Indicates that the named entry does not contain the specified attribute
> or attribute value."

> We currently don't returns an error, based on the fact that removing a
> non-existent value does not break the server, and will always be
> successfull, as the value will be removed (well, as it does not exist :).
>
> Should we change ADS to generate an error or not ? Does Kurt said
> something specific about this case? I didn't found anything related on
> google...

It may not be explicitly stated in the RFCs, but it is explicitly stated in 
the Abstract Service Definition (X.511, section 11.)

11.3.2 ModifyEntry arguments
    b) removeAttribute - Any attempt to remove a non-existing attribute 
results in an AttributeError.
    d) removeValues - If the values are not present in the attribute, this 
results in an AttributeError.

I'll also note that OpenLDAP implements Microsoft's PermissiveModify control 
(1.2.840.113556.1.4.1413) which is used specifically to override this 
behavior, which essentially gives what you're already doing by default.

The actual text of the RFCs are not a complete definition of LDAP. They 
incorporate the X.500 specs by explicit reference; you have to look there 
first whenever you run into something inadequately specified in the RFCs.
-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/