search

pingidentity / ldapsdk

UnboundID LDAP SDK for Java
Other
334 stars 81 forks source link

Migrate from Novell/OpenLDAP JLDAP #110

Closed idsecurity closed 3 years ago

idsecurity commented 3 years ago

Hi, I'm looking at migrating from the Novell/OpenLDAP JLDAP library to ldapsdk. I use some classes for LDAP extended operations and some are closed source, preventing me to rewrite them.

They extend the com.novell.ldap.LDAPExtendedOperation and LDAPExtendedResponse.

I've noticed that you have support for converting Netscape and JNDI types to "native" ldapsdk types.

Is it possible to add support for converting from Novell types as well?

Example: https://git.openldap.org/openldap/jldap/-/blob/master/com/novell/ldap/LDAPExtendedOperation.java

Thanks.

dirmgr commented 3 years ago

It is my understanding that JLDAP is very similar to the Netscape Directory SDK for Java, and the example that you pointed to for LDAPExtendedOperation.java is very similar to the existing com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPExtendedOperation class.

If you have a specific subclass of a JLDAP LDAPExtendedOperation that you can't rewrite, then it may still be possible to treat it as a generic LDAPExtendedOperation, and then use the UnboundID LDAP SDK's toExtendedRequest method to convert it to the format that the LDAP SDK expects. Alternatively, you could create a new ExtendedRequest using the getID and getValue methods.

If this won't work for some reason, then could you provide more concrete examples of what you would like to see?

idsecurity commented 3 years ago

My initial thought was keeping JLDAP on the classpath and take the extended operations and "convert" them at runtime to com.unboundid.ldap.sdk.ExtendedRequest so I could use com.unboundid.ldap.sdk.LDAPConnection instead of com.novell.ldap.LDAPConnection.

But thinking more on that I don't how feasible it is.

I took a closer look at the closed source classes and they actually implement javax.naming.ldap.ExtendedRequest meaning I can use com.unboundid.ldap.sdk.migrate.jndi.JNDIConverter.convertExtendedRequest.

For some reason the original request object prior to using convertExtendedRequest has \u0004 and \u001d before the actual ASN1OctetString, after conversion that is removed, leading to a response such as this Unable to decode request data.

Sorry to bother you, this is an issue outside the ldapsdk, on my end. Have to think some more...