|
From: <g....@au...> - 2017-08-30 09:16:15
|
Hello Neil,
Thanks for your reply.
On the way implementing that interceptor I had to realize that a referral didn't solve my problem.
But I was able to intercept the request which doesn't have a base ("") and reply with an entry which contained the needed information for the client.
And that finally solved my problem. :-)
Regards,
Gerrit
Von: Neil Wilson via ldap-sdk-discuss [mailto:lda...@li...]
Gesendet: Dienstag, 29. August 2017 21:26
An: LDAP SDK Discussions
Cc: Neil Wilson
Betreff: Re: [ldap-sdk-discuss] Adding referral to InMemoryDirectoryServer
Although both the LDAP SDK and the in-memory directory server support referrals, you cannot create referral entries above non-referral entries. You probably don’t really want that anyway, because referral entries generally apply to all types of operations, and you don’t want the server telling the client to send a modify attempt targeting “DC=local” to “DC=test,DC=company,DC=local” instead.
Presumably, what you really want is to have only search operations with a base DN that is superior to “DC=test,DC=company,DC=local” to receive a referral telling them to use a base DN of “DC=test,DC=company,DC=local”. If you want that, you can achieve it with an InMemoryOperationInterceptor that intercepts search requests and throws an LDAPException with a referral result if the request has a base DN that is superior to the desired base DN. The attached ReferSearchesAboveBaseInMemoryOperationInterceptor.java source file does exactly that.
It’s pretty trivial to use the attached interceptor. Just use the InMemoryDirectoryServerConfig.addInMemoryOperationInterceptor method. For example:
final String baseDN = "DC=test,DC=company,DC=local";
final InMemoryDirectoryServerConfig cfg =
new InMemoryDirectoryServerConfig(baseDN);
cfg.addInMemoryOperationInterceptor(
new ReferSearchesAboveBaseInMemoryOperationInterceptor(baseDN));
final InMemoryDirectoryServer ds = new InMemoryDirectoryServer(cfg);
ds.add(
"dn: DC=test,DC=company,DC=local",
"objectClass: top",
"objectClass: domain",
"DC: test");
ds.startListening();
try
{
final LDAPConnectionOptions connectionOptions =
new LDAPConnectionOptions();
connectionOptions.setFollowReferrals(true);
try (LDAPConnection connection = ds.getConnection(connectionOptions))
{
final SearchResult searchResult = connection.search("DC=local",
SearchScope.SUB, Filter.createPresenceFilter("objectClass"));
LDAPTestUtils.assertResultCodeEquals(searchResult, ResultCode.SUCCESS);
LDAPTestUtils.assertEntriesReturnedEquals(searchResult, 1);
LDAPTestUtils.assertEntryReturned(searchResult,
"DC=test,DC=company,DC=local");
}
}
finally
{
ds.shutDown(true);
}
I hope this does what you need, or at least puts you on the right track.
Neil
On Tue, Aug 29, 2017 at 7:36 AM, <g....@au...> wrote:
Hello everyone,
I'm currently "fighting" with the InMemoryDirectoryServer.
So far it works perfectly. I can use SSL/TLS, I can add credentials as well as entries.
But somehow I can't figure out how to add referrals.
My base DN is "DC=test,DC=company,DC=local" and I want referrals on each of the previous levels ("DC=company,DC=local", "DC=local", "") pointing to that base DN.
Regards,
Gerrit
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
ldap-sdk-discuss mailing list
lda...@li...
https://lists.sourceforge.net/lists/listinfo/ldap-sdk-discuss
CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.
|
