Launch Exception in com.unboundid.ldap.sdk.schema.Schema constructor

[chevaris]

Hi there,

I have noticed that Schema class is able to create objects even when provided schema syntax is wrong. When that is happening the Schema object will have some attributes and objectClasses, but the API is not warning that provided schema is wrong. The implementation is able to detect problem, but simply logs them in debug level, creating an object.

 for (final String def : defs)
  {
    try
    {
      final AttributeSyntaxDefinition as =
           new AttributeSyntaxDefinition(def);
      s.add(as);
      m.put(toLowerCase(as.getOID()), as);
    }
    catch (final LDAPException le)
    {
      debugException(le);
    }
  }

In my view, the Schema class should provide and Exception when the provided schema info is wrong (e.g. via file). Basically the proposed change is throw the LDAPException instead of catching it.

Otherwise the library user does not have any mean to validate that the schema objects are constructed as expected.

Regards,

Evaristo

[dirmgr]

This was intentional. Even if a schema entry contained one or more unparsable elements, we still wanted to make it possible to retrieve whatever valid schema elements there were in that entry. This provides a measure of protection against servers that might expose one or more malformed definitions, as well as the possibility that the LDAP SDK might have a bug that could prevent a valid definition from being parsed for some reason.

However, there are also definite benefits to providing access to information about unparsable schema elements. As such, I have just committed a change (https://github.com/pingidentity/ldapsdk/commit/8632085ed0b7d5f77699fe6cbd401bc05d05b424) that adds a new constructor to the Schema class that allows you to provide a bunch of Map<String,LDAPException> objects that will be populated with information about any malformed schema elements. Further, I have added some additional static methods that can be used to decode a schema entry, read schema from an LDAP connection, or read schema definitions from LDIF files, and to have these methods throw an exception if they encounter any unparsable schema elements.

These new methods should be available in the next release of the LDAP SDK, which I expect to be sometime in August. If you need them sooner than that, you can check out and build the LDAP SDK for yourself, or you can write your own code to iterate through the ldapSyntaxes, matchingRules, attributeTypes, objectClasses, dITContentRules, dITStructureRules, nameForms, and matchingRuleUse values, decoding them using the appropriate classes in the schema package and handling any errors however you see fit.

[chevaris]

Thanks a lot!!!!! Looks great for me.

I have seen you are not accepting contributions, but at some point in time if you change your mind , I could help...

[dirmgr]

Thanks for the offer of assistance, but it’s Ping Identity’s policy to not accept third-party code. However, bug reports and feature requests are definitely welcome.