search

tusury / vt-middleware

Automatically exported from code.google.com/p/vt-middleware
0 stars 0 forks source link

ldaptive: Empty baseDn in SearchRequest Properties does not work correctly #213

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
I'm using ldaptive 1.0.2. When trying to use an empty baseDn in LDAP searches 
the returned DN ends with an unnecessary comma, making it impossible to use 
this DN for other LDAP queries.

1) I use org.ldaptive.auth.PooledSearchDnResolver that extends 
org.ldaptive.auth.AbstractSearchDnResolver for LDAP searches

2) AbstractSearchDnResolver uses "" for empty baseDns:
   private String baseDn = "";

3) For the search org.ldaptive.provider.jndi.JndiConnection is used that has 
the method formatDn(...) where baseDn is checked to determine how to build the 
full DN:
1219          if (baseDn != null) {
1220            if (!"".equals(resultName)) {
1221              fqName = new 
StringBuilder(readCompositeName(resultName)).append(
1222                ",").append(baseDn);
1223            } else {
1224              fqName = new StringBuilder(baseDn);
1225            }
1226          } else {
1227            fqName = new StringBuilder(readCompositeName(resultName));
1228          }

4) Since baseDn is set to "" before this will result in a trailing comma.

If I'm not missing something, it should be
1219          if ((baseDn != null) && (!"".equals(baseDn))) {

Original issue reported on code.google.com by andreas....@gmail.com on 28 Mar 2014 at 11:30

GoogleCodeExporter commented 8 years ago

Original comment by dfis...@gmail.com on 28 Mar 2014 at 6:19

GoogleCodeExporter commented 8 years ago 
Fixed in r2937.

I couldn't get my test directories to return a relative DN with a non-empty 
resultName and an empty baseDn.
The fix seems fine, but I am curious how you were searching on the rootDSE and 
got a non-empty name.
Could you post some trace logs for your test?
Thanks.

Original comment by dfis...@gmail.com on 28 Mar 2014 at 10:28

GoogleCodeExporter commented 8 years ago 
I can't provide any logs at the moment, but your comment made me research this 
a little bit and it appears to me, that the IBM Notes/Domino LDAP server I have 
to query is the only implementation of an LDAP server that does not need a 
baseDn. I didn't know that before. Is one of your test directories a Notes LDAP?
Thanks for fixing this.

Original comment by andreas....@gmail.com on 31 Mar 2014 at 6:34

GoogleCodeExporter commented 8 years ago 
Thanks for the explanation.

Original comment by dfis...@gmail.com on 31 Mar 2014 at 5:38