directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Karasulu" <>
Subject Re: [bigbang] Internal bind problem
Date Wed, 19 Dec 2007 22:33:57 GMT
Hi Enrique,

You're right we have to find a better way to deal with this problem.  I did
not have the time to do this right but I added the exception to warn folks
like you from some serious bugs that could result from not using a
normalized DN.

I really would stay away from using the overloaded version of the method
that does not require a normalized DN , if you could please make that one
throw an exception as well.  The best thing to do is to normalize the DN.
You can do this by getting a handle on the directoryService and using that
to get access to the attributeType registry.  Then use this to get the
normalizer to attribute type mapping that is fed into the normalize() method
as the argument.


On Dec 19, 2007 4:43 PM, Enrique Rodriguez <> wrote:

> On Dec 19, 2007 12:14 AM, Emmanuel Lecharny <> wrote:
> > Hi Enrique,
> >
> > you can use the ServerDNConstants.ADMIN_SYSTEM_DN_NORMALIZED constant.
> > It's a normalized form of the admin principal.
> I saw this constant, but the problem is that the LdapPrincipal
> constructor calls LdapDN#isNormalized() and throws the
> IllegalStateException.  I would need to create the LdapDN with the
> above normalized constant AND somehow set isNormalized to return
> 'true'.
> Anyway, I got around this (for now) by noticing that an alternate form
> of the LdapPrincipal constructor won't evaluate the
> LdapDN#isNormalized and thus won't ever throw the
> IllegalStateException.  I just have to pass in a null userPassword.
> This doesn't feel like a real solution, but it does allow me to have
> SASL GSSAPI integration tests working again.
> Enrique

View raw message