Ok I hear ya. However here's a radical thought. Let's just do away with the LDAP provider in bb now and switch over to the new one where we are attempting to clarify and refactor all this. More inline ...
I still have failures on MiscITest, on both testDisableAnonymousBinds() and testEnableAnonymousBindsOnRootDSE() unit tests.
The reason why we have some failure is because we have disabled anonymous bind on the server. The big problem is that it's now handled in the Bind handler, which is called while creating the context.
The big problem is that as soon as we are not allowed to do an anonymous bind, then we can't anymore create a context. Then any kind of following operation will fail, and this is the reason why the tests are failing.
InitialContextCreation should not try to bind the user, unless we are not asking for an Anonymous Bind.
We hould just create a context, and return it to the user. As soon as e will try to do a search, if the Anonymous state is not allowed, then it will get an exception.
In fact, the Anonymous bind is not a bind at all, it's just a state we get into as soon as we open a session on the server. Until we close the session (or it is closed buy the server itself), the user is either in Anonymous state or in authenticated state. Switching from one state to the other requires either a user action (a Bind with another mechanism, an Unbind) or a server action (authent revocation if the authent is based on certificate, and the certificate is revoqued or expire during a session).
We have to review all the BigBang authentication mechanism as fast as possible.
I'm disabling those two tests.