Need help with LDAP test data

[Maxim Solodovnik <so...@gmail.com>]

Hello,

I'm not LDAP expert
but until now was able to provide users of our project with working LDAP
integration (thanks to your ldap-api library)

Current implementation is covered by unit tests (thanks again :))
But not my test LDAP [1] need to be tuned to have:
1) referral entry
2) binary attribute
I would like to ask for the help with this

is it possible to have referral in same ldif file?
Is it possible to have binary data? if so is there any option to get mime
type of this data?
maybe someone has example? :))

[1]
https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/test/resources/schema/users.ldif

-- 
Best regards,
Maxim

Re: Need help with LDAP test data

[Maxim Solodovnik <so...@gmail.com>]

Thanks for the quick responses

Why I started to looks at referrals:
We are providing users with the config for setting up LDAP integration
One of the config parameters is "Ldap deref mode (never, searching,
finding, always)"
which is mapped directly to AliasDerefMode enum

And get this report https://markmail.org/message/n23y45supvgawxmw user
state referrals are not followed in his config
So I would like to write unit test for this :)

I'll check all the links and hopefully will be able to do it :))

On Thu, 16 Apr 2020 at 11:10, Emmanuel Lécharny <el...@gmail.com> wrote:

>
> On 15/04/2020 19:48, Stefan Seelmann wrote:
> > On 4/15/20 7:14 PM, Maxim Solodovnik wrote:
> >> Thanks a lot for detailed response!
> >>
> >> My test LDAP server is created in java unit test
> >>
> https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/test/java/org/apache/openmeetings/ldap/TestLdap.java#L69
> >>
> >> Shall I start 2 servers to test referrals?
> > I don't think it's required, it totally valid that referrals point to
> > the same server.
>
> You can set a referral on your own server. Just note that the search
> request will be executed using the exact same base DN, which means
> ultimately you are going to loop at some point...
>
> There are a few things to know though :
>
> - the Apache LDAP API does not support referral chasing (ie, you'll get
> the URL, but the API will not try to search it, you'll have to do it)
>
> - as a consequence, the Apache LDAP API does not stop hoping over
> referals after a limit (ie, just stop after 10 hops or whatever limit).
> This is up to you to manage a cycle.
>
> see [1] and [2]
>
>
> [1]
>
> https://issues.apache.org/jira/browse/DIRAPI-61?jql=text%20~%20%22chase%20referrals%22
>
> [2]
> https://issues.apache.org/jira/browse/DIRAPI-179?jql=text%20~%20%22chase%20referrals%22
>
>
> Emmanuel
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
> For additional commands, e-mail: users-help@directory.apache.org
>
>

-- 
Best regards,
Maxim

Re: Need help with LDAP test data

[Emmanuel Lécharny <el...@gmail.com>]

On 15/04/2020 19:48, Stefan Seelmann wrote:
> On 4/15/20 7:14 PM, Maxim Solodovnik wrote:
>> Thanks a lot for detailed response!
>>
>> My test LDAP server is created in java unit test
>> https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/test/java/org/apache/openmeetings/ldap/TestLdap.java#L69
>>
>> Shall I start 2 servers to test referrals?
> I don't think it's required, it totally valid that referrals point to
> the same server.

You can set a referral on your own server. Just note that the search 
request will be executed using the exact same base DN, which means 
ultimately you are going to loop at some point...

There are a few things to know though :

- the Apache LDAP API does not support referral chasing (ie, you'll get 
the URL, but the API will not try to search it, you'll have to do it)

- as a consequence, the Apache LDAP API does not stop hoping over 
referals after a limit (ie, just stop after 10 hops or whatever limit). 
This is up to you to manage a cycle.

see [1] and [2]


[1] 
https://issues.apache.org/jira/browse/DIRAPI-61?jql=text%20~%20%22chase%20referrals%22

[2]https://issues.apache.org/jira/browse/DIRAPI-179?jql=text%20~%20%22chase%20referrals%22


Emmanuel


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org

Re: Need help with LDAP test data

[Stefan Seelmann <ma...@stefan-seelmann.de>]

On 4/15/20 7:14 PM, Maxim Solodovnik wrote:
> Thanks a lot for detailed response!
> 
> My test LDAP server is created in java unit test
> https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/test/java/org/apache/openmeetings/ldap/TestLdap.java#L69
> 
> Shall I start 2 servers to test referrals?

I don't think it's required, it totally valid that referrals point to
the same server. And for basic test cases sufficent (like search
continuation and also referral to primary write server). What test
scenarios do have in mind?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org

Re: Need help with LDAP test data

[Maxim Solodovnik <so...@gmail.com>]

Thanks a lot for detailed response!

My test LDAP server is created in java unit test
https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/test/java/org/apache/openmeetings/ldap/TestLdap.java#L69

Shall I start 2 servers to test referrals?


On Thu, 16 Apr 2020 at 00:04, Stefan Seelmann <ma...@stefan-seelmann.de>
wrote:

> On 4/15/20 4:56 PM, Maxim Solodovnik wrote:
> > Current implementation is covered by unit tests (thanks again :))
> > But not my test LDAP [1] need to be tuned to have:
> > 1) referral entry
> > 2) binary attribute
> > I would like to ask for the help with this
> >
> > is it possible to have referral in same ldif file?
>
> Do you have a single test LDAP server running? In that case it's still
> possible to test referrals.
>
> You can inject an referal entry pointing to the same server, it looks
> like in [2]. But you need to adjust the hostname and especially the port
> of the ref attribute in code. Or you run the test LDAP server with a
> fixed port instead of a dynamic/free one which may cause testing issues
> if the port is already in use.
>
> Another option is to inject the referral entry via code like in [3].
>
> > Is it possible to have binary data? if so is there any option to get mime
> > type of this data?
>
> Binary data in LDIF is defined with 2 colons and the base64 encoded
> value. Lines can be wrapped with one leading space for each wrapped
> line. Example in [4].
>
> There is no mime type in LDAP. But attributes types have a syntax which
> defines the type of data (string, number), however in many cases like
> jpegPhoto the syntax is just OctetString which is not very helpful and
> often the data are gifs or bmps...
>
> Kind Regards,
> Stefan
>
> [2]
>
> https://github.com/apache/directory-studio/blob/master/tests/test.integration.ui/src/main/resources/org/apache/directory/studio/test/integration/ui/BrowserTest.ldif#L280
> [3]
>
> https://github.com/apache/directory-studio/blob/master/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/core/DirectoryApiConnectionWrapperTest.java#L133
> [4]
>
> https://github.com/apache/directory-studio/blob/master/tests/test.integration.ui/src/main/resources/org/apache/directory/studio/test/integration/ui/EntryEditorTest.ldif#L28
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
> For additional commands, e-mail: users-help@directory.apache.org
>
>

-- 
Best regards,
Maxim

Re: Need help with LDAP test data

[Stefan Seelmann <ma...@stefan-seelmann.de>]

On 4/15/20 4:56 PM, Maxim Solodovnik wrote:
> Current implementation is covered by unit tests (thanks again :))
> But not my test LDAP [1] need to be tuned to have:
> 1) referral entry
> 2) binary attribute
> I would like to ask for the help with this
> 
> is it possible to have referral in same ldif file?

Do you have a single test LDAP server running? In that case it's still
possible to test referrals.

You can inject an referal entry pointing to the same server, it looks
like in [2]. But you need to adjust the hostname and especially the port
of the ref attribute in code. Or you run the test LDAP server with a
fixed port instead of a dynamic/free one which may cause testing issues
if the port is already in use.

Another option is to inject the referral entry via code like in [3].

> Is it possible to have binary data? if so is there any option to get mime
> type of this data?

Binary data in LDIF is defined with 2 colons and the base64 encoded
value. Lines can be wrapped with one leading space for each wrapped
line. Example in [4].

There is no mime type in LDAP. But attributes types have a syntax which
defines the type of data (string, number), however in many cases like
jpegPhoto the syntax is just OctetString which is not very helpful and
often the data are gifs or bmps...

Kind Regards,
Stefan

[2]
https://github.com/apache/directory-studio/blob/master/tests/test.integration.ui/src/main/resources/org/apache/directory/studio/test/integration/ui/BrowserTest.ldif#L280
[3]
https://github.com/apache/directory-studio/blob/master/tests/test.integration.core/src/main/java/org/apache/directory/studio/test/integration/core/DirectoryApiConnectionWrapperTest.java#L133
[4]
https://github.com/apache/directory-studio/blob/master/tests/test.integration.ui/src/main/resources/org/apache/directory/studio/test/integration/ui/EntryEditorTest.ldif#L28



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org