python-ldap-dev

[patch] Demo/simplebrowse.py fixes/enhancemnts

[Paul S. <Pau...@te...>]

Hello python-ldap-dev,

  Since there's no patch manager on
http://sf.net/projects/python-ldap/ :

  I like simplebrowse.py - it's kind of utility I was always missing
in my communication with LDAP ;-) . I'm missing "cd .." though, and it
keeps saying "invalid command" for almost any entered one. Fix is
attached.

--
Paul Sokolovsky, IT Specialist
http://www.brainbench.com/transcript.jsp?pid=11135

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[Michael <mi...@st...>]

Paul Sokolovsky wrote:
> 
>   I like simplebrowse.py - it's kind of utility I was always missing
> in my communication with LDAP ;-) . I'm missing "cd .." though, and it
> keeps saying "invalid command" for almost any entered one. Fix is
> attached.

I've commited it.

Ciao, Michael.

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[David L. <dav...@it...>]

On Thu, 13 Dec 2001, Michael Str=F6der typed thusly:

> >   I like simplebrowse.py - it's kind of utility I was always missing
> > in my communication with LDAP ;-) . I'm missing "cd .." though, and it
> > keeps saying "invalid command" for almost any entered one. Fix is
> > attached.
>
> I've commited it.

But, the structure of DNs is not that simple. What you're saying is that
you want to find the 'parent' object of an object. But the simple removing
of some component of the DN isn't guaranteed to work.

e.g.  A=3Da,B=3Db,C=3Dc may not have as parent A=3Da,B=3Db but instead B=3D=
b,C=3Dc.
I found this out the hard way when doing some testing ..

Now, I don't fully understand X.500 so maybe someone else knows a way of
properly defining and implementing "cd .."?

d
--=20
David Leonard                           Dav...@it...
Dept of Inf. Tech. and Elec. Engg   _   Ph:+61 404 844 850
The University of Queensland       |+|  http://www.itee.uq.edu.au/~leonard/
QLD 4072  AUSTRALIA               ~` '~ B73CD65FBEF4C089B79A8EBADF1A932F13E=
A0FC8

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[Michael <mi...@st...>]

David Leonard wrote:
> 
> On Thu, 13 Dec 2001, Michael Ströder typed thusly:
> 
> > >   I like simplebrowse.py - it's kind of utility I was always missing
> > > in my communication with LDAP ;-) . I'm missing "cd .." though, and it
> > > keeps saying "invalid command" for almost any entered one. Fix is
> > > attached.
> >
> > I've commited it.
> 
> But, the structure of DNs is not that simple. What you're saying is that
> you want to find the 'parent' object of an object. But the simple removing
> of some component of the DN isn't guaranteed to work.

???

David, you're right that DN parsing is not that simple (escaping of
special chars). Therefore I've commited a patch that uses
ldap.explode_dn(dn) instead string.split(dn,",") hoping that the
LDAP lib does it right.

But going up one level in the LDAP DN hierarchy is exactly removing
the RDN, the first DN component (first item of list returned by
ldap.explode_dn()).

> e.g.  A=a,B=b,C=c may not have as parent A=a,B=b but instead B=b,C=c.
> I found this out the hard way when doing some testing ..

Yes. The parent entry of A=a,B=b,C=c with LDAP is B=b,C=c. That's
exactly what Paul's patch is doing.

> Now, I don't fully understand X.500 so maybe someone else knows a way of
> properly defining and implementing "cd .."?

Note that in X.500 DNs are usually noted from root to entry's RDN in
the order left-to-right. In opposite with LDAP the order from tree
root to entry's RDN is right-to-left (separated by comma, see RFC
2253).

Ciao, Michael.

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[David L. <dav...@it...>]

On Wed, 19 Dec 2001, Michael Str=F6der typed thusly:

> Note that in X.500 DNs are usually noted from root to entry's RDN in
> the order left-to-right. In opposite with LDAP the order from tree
> root to entry's RDN is right-to-left (separated by comma, see RFC
> 2253).

ahhhh... that was the cause of some of my confusion.  thanks.

Paul Sokolovsky wrote:
> yes, some intermediate levels may not exist, but don't you want to
> see corresponding exception with your own eyes?

mmmm.. yes - i guess its just a demo as you say :)

d
--=20
David Leonard                           Dav...@it...
Dept of Inf. Tech. and Elec. Engg   _   Ph:+61 404 844 850
The University of Queensland       |+|  http://www.itee.uq.edu.au/~leonard/
QLD 4072  AUSTRALIA               ~` '~ B73CD65FBEF4C089B79A8EBADF1A932F13E=
A0FC8

DN parsing (was: [patch] Demo/simplebrowse.py fixes/enhancemnts)

[Michael <mi...@st...>]

David Leonard wrote:
> 
> On Wed, 19 Dec 2001, Michael Ströder typed thusly:
> 
> > Note that in X.500 DNs are usually noted from root to entry's RDN in
> > the order left-to-right. In opposite with LDAP the order from tree
> > root to entry's RDN is right-to-left (separated by comma, see RFC
> > 2253).
> 
> ahhhh... that was the cause of some of my confusion.  thanks.

Over LDAP you always get the LDAP DN string representation of the
DN. No matter if the LDAP server just acts as a gateway to a X.500
DSA or as a stand-alone LDAP server with own DB backend.

BTW: Even OpenLDAP does not do the DN parsing completely. Comparing
equality of DNs is not trivial. I thought about implementing a
Python class for that.

David, do you have a suggestion how to implement parsing DNs? E.g.
break up

'cn=Stroeder\, Mic...@st...,ou=Weird
chars\=\+\,\#,dc=stroeder,dc=com'

into a Python data structure:

[
  [
    ('cn',u'Stroeder, Michael'),
    ('mail',u'mi...@st...')
  ],
  [
    ('ou',u'Weird chars=+,#')
  ],
  [
    ('dc',u'stroeder')
  ],
  [
   ('dc',u'com')
  [,
]

Note the multi-valued RDN. See RFC 2253 for the BNF of this mess...

Ciao, Michael.

Re[2]: [patch] Demo/simplebrowse.py fixes/enhancemnts

[Paul S. <Pau...@te...>]

Hello David,

David Leonard wrote on Wednesday, December 19, 2001:

[]

DL> e.g.  A=a,B=b,C=c may not have as parent A=a,B=b but instead B=b,C=c.
DL> I found this out the hard way when doing some testing ..

DL> Now, I don't fully understand X.500 so maybe someone else knows a way of
DL> properly defining and implementing "cd .."?

    I understand that it's not that simple, but it's just the demo and
my hack likely fixed it a bit and added some feature ;-) . I don't
think it's a big problem anyway - yes, some intermediate levels may
not exist, but don't you want to see corresponding exception with
your own eyes? I've tested that I can get to RootDNS with it (on my
own install, it's closed on ldap://openldap.org for example), and that
I can't get above it, so it's kinda QAed ;-) .

DL> d
DL> --
DL> David Leonard                           Dav...@it...

[]


--
Paul Sokolovsky, IT Specialist
http://www.brainbench.com/transcript.jsp?pid=11135

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[Michael <mi...@st...>]

Paul Sokolovsky wrote:
> 
> DL> Now, I don't fully understand X.500 so maybe someone else knows a way of
> DL> properly defining and implementing "cd .."?
> 
>     I understand that it's not that simple, but it's just the demo and
> my hack likely fixed it a bit and added some feature ;-) . I don't
> think it's a big problem anyway - yes, some intermediate levels may
> not exist, but don't you want to see corresponding exception with
> your own eyes?

If the parent entry does not exist you either have to catch
ldap.NO_SUCH_OBJECT or handle a referral. I see no problem either.

Ciao, Michael.

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[Jacek K. <ja...@bn...>]

On Thu, Dec 13, 2001 at 10:06:25PM +0200, Paul Sokolovsky wrote:
> Hello python-ldap-dev,
> 
>   Since there's no patch manager on
> http://sf.net/projects/python-ldap/ :
> 
>   I like simplebrowse.py - it's kind of utility I was always missing
> in my communication with LDAP ;-) 

So maybe you could help me with testing my pydibr --- LDAP browser with
curses interface.

No release yet, but it is available on PLD's anoncvs:
cvs -d ':pserver:cv...@cv...:/cvsroot' login
(password cvs)
cvs -d ':pserver:cv...@cv...:/cvsroot' checkout pydibr

I know I should clean it up, make a release (but I am waiting for
python-ldap release) and prepare home page for this project, but 
I am a bit lazy and (at the moment) busy :-)
And I think that if there is anybody interested in such thing he is on
this list :-)

Greets,
        Jacek

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[Michael <mi...@st...>]

Jacek Konieczny wrote:
> 
> On Thu, Dec 13, 2001 at 10:06:25PM +0200, Paul Sokolovsky wrote:
> > Hello python-ldap-dev,
> >
> >   Since there's no patch manager on
> > http://sf.net/projects/python-ldap/ :
> >
> >   I like simplebrowse.py - it's kind of utility I was always missing
> > in my communication with LDAP ;-)
> 
> So maybe you could help me with testing my pydibr --- LDAP browser with
> curses interface.

Hmm, then I'd like to note that http://web2ldap.de's HTML output is
intentionally friendly to console-based web browsers like lynx and
w3m. Check the online demo at http://sites.inka.de:8002/web2ldap.
Testers welcome... ;-)

Ciao, Michael.

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[Jacek K. <ja...@bn...>]

On Fri, Dec 14, 2001 at 05:50:20PM +0100, Michael Str=F6der wrote:
> Hmm, then I'd like to note that http://web2ldap.de's HTML output is
> intentionally friendly to console-based web browsers like lynx and
> w3m.=20
I belive your web2ldap is a great thing, but I don't need another layer
between LDAP and UI.
And the second thing is, that I am going to use LDAP for system
administration, and I don't like mixing administration with web
(I hate WWW interfaces to network devices like switches etc.)

> Check the online demo at http://sites.inka.de:8002/web2ldap.
> Testers welcome... ;-)
At the moment I don't even have time to work on pydibr (or check if it
stll works), but I will check this some day :-)

Greets,
        Jacek

Re: [patch] Demo/simplebrowse.py fixes/enhancemnts

[Michael <mi...@st...>]

Jacek Konieczny wrote:
> 
> > Check the online demo at http://sites.inka.de:8002/web2ldap.
> > Testers welcome... ;-)
> At the moment I don't even have time to work on pydibr (or check if it
> stll works), but I will check this some day :-)

If you have already python-ldap installed (the big hurdle) running
web2ldap is just unzipping the source distribution and issuing the
command

$ python sbin/web2ldap -d off

in the unzipped directory without prior configuration. The default
config is suitable for doing something meaningful with ~80% of LDAP
servers out there.

If you don't have the time to work on your pydibr that might be a
good chance to have at least something working despite your mental
problems with web interfaces in general... ;-)

Note: The recent web2ldap snapshots need python-ldap checked out
from CVS *very* recently (mostly the same day :-).

Ciao, Michael.