You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Emmanuel Lecharny <el...@gmail.com> on 2008/04/02 00:52:47 UTC
Removing non-existent values from an attribute
Hi Howard,
I'm just wondering why OpenLdap returns a noSuchAttribute when we try to
delete a non-existent value from an existent attribute...
The 4511 RFCs says nothing about this specific case, even if the
noSuchAttribute error code says :
"Indicates that the named entry does not contain the specified attribute
or attribute value."
We currently don't returns an error, based on the fact that removing a
non-existent value does not break the server, and will always be
successfull, as the value will be removed (well, as it does not exist :).
Should we change ADS to generate an error or not ? Does Kurt said
something specific about this case? I didn't found anything related on
google...
Thanks !
--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
Re: Removing non-existent values from an attribute
Posted by Howard Chu <hy...@symas.com>.
Emmanuel Lecharny wrote:
> Hi Howard,
>
> I'm just wondering why OpenLdap returns a noSuchAttribute when we try to
> delete a non-existent value from an existent attribute...
>
> The 4511 RFCs says nothing about this specific case, even if the
> noSuchAttribute error code says :
> "Indicates that the named entry does not contain the specified attribute
> or attribute value."
> We currently don't returns an error, based on the fact that removing a
> non-existent value does not break the server, and will always be
> successfull, as the value will be removed (well, as it does not exist :).
>
> Should we change ADS to generate an error or not ? Does Kurt said
> something specific about this case? I didn't found anything related on
> google...
It may not be explicitly stated in the RFCs, but it is explicitly stated in
the Abstract Service Definition (X.511, section 11.)
11.3.2 ModifyEntry arguments
b) removeAttribute - Any attempt to remove a non-existing attribute
results in an AttributeError.
d) removeValues - If the values are not present in the attribute, this
results in an AttributeError.
I'll also note that OpenLDAP implements Microsoft's PermissiveModify control
(1.2.840.113556.1.4.1413) which is used specifically to override this
behavior, which essentially gives what you're already doing by default.
The actual text of the RFCs are not a complete definition of LDAP. They
incorporate the X.500 specs by explicit reference; you have to look there
first whenever you run into something inadequately specified in the RFCs.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/