You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Emmanuel Lecharny (JIRA)" <di...@incubator.apache.org> on 2005/10/29 06:14:55 UTC

[jira] Commented: (DIRLDAP-51) Incorrect matched DN in the bind response (and others depending on the result code)

    [ http://issues.apache.org/jira/browse/DIRLDAP-51?page=comments#action_12356254 ] 

Emmanuel Lecharny commented on DIRLDAP-51:
------------------------------------------

This bug is related to RFC 2251. It's not any more a bug for http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-protocol-32.txt, 4.1.9 :
"For certain result codes (typically, but not restricted to 
   noSuchObject, aliasProblem, invalidDNSyntax and 
   aliasDereferencingProblem), the matchedDN field is set (subject to 
   access controls) to the name of the last entry (object or alias) used 
   in finding the target (or base) object. This will be a truncated form 
   of the provided name or, if an alias was dereferenced while 
   attempting to locate the entry, of the resulting name. Otherwise the 
   matchedDN field is empty. "

A flag could be added in configuration to address the possibility to handle ldap-v3 or ldap-bis specific cases.

> Incorrect matched DN in the bind response (and others depending on the result code)
> -----------------------------------------------------------------------------------
>
>          Key: DIRLDAP-51
>          URL: http://issues.apache.org/jira/browse/DIRLDAP-51
>      Project: Directory LDAP
>         Type: Bug
>   Components: Common
>     Versions: 0.9.2
>     Reporter: Jérôme Baumgarten
>     Priority: Trivial

>
> According to RFC 2251 [1], section "4.1.10. Result Message", the matched DN for a bind response should be a zero length string.
> I believe that other handlers should also be reviewed according to the following :
>    For result codes of noSuchObject, aliasProblem, invalidDNSyntax and
>    aliasDereferencingProblem, the matchedDN field is set to the name of
>    the lowest entry (object or alias) in the directory that was matched.
>    If no aliases were dereferenced while attempting to locate the entry,
>    this will be a truncated form of the name provided, or if aliases
>    were dereferenced, of the resulting name, as defined in section 12.5
>    of X.511. The matchedDN field is to be set to a zero length
>    string with all other result codes.
> Jérôme
> [1] : http://www.ietf.org/rfc/rfc2251.txt

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira