directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Seelmann <>
Subject Re: LDAP diagnostic tool - GSoC 2010
Date Mon, 24 May 2010 09:36:05 GMT
Keheliya Gallaba wrote:
>     > Apache LDAP API to send the modified messages to the server. I think
>     > responses coming from the server need not to be modified. They can be
>     > just captured for logging purposes, and redirected to the client
>     > unmodified.
>     Why not modiying or filtering the response? I think this is an essential
>     feature. In you proposal you already descibe several use cases.
> I initially thought it wont be necessary to modify the responses coming
> from the server, since I assumed they are well-formed. But now I
> understand there will be several use cases, like removing certain
> attributes and rewriting DNs, of entires in the responses.

Let me give you some concrete use cases:

The LDAP proxy should be able to rewrite DNs in both, request and
response messages. This may be helpful if the client application
contains some hard-coded DNs but the DIT structure in the server should
be changed.

The response of the server may include SearchResultReference messages.
It may be helpful to filter out such messages in case the client is not
able to handle referrals.

>     Can you please also describe what the "Validater" (should I be
>     calledValidator?) and "Debugger" are used for?
> Oh, sorry about that spelling mistake. I thought of validator as the
> unit for identifying messages that are not in the proper format.
> Debugger is for changing messages in real-time and sending them to the
> destination. 


> Looking forward for guidance from you all, to start with development.

I think you should start with a very simple version: A mini LDAP server
that listens for LDAP requests and redirects them unmodified to the real
server. And responses from the server are just redirected to the client.

To setup the server part please have a look into protocol-ldap module
[1]. I have no experience in that part of the code, but I think the
LdapServer class should give you an idea you how to start a server that
handles LDAP protocol.

Start a new maven project that depends on protocol-ldap and try to
create the server part. I think you don't have to write much code,
because all the bricks already exist, you just have to wire them.

Then use the client API [1] to send each received message to the server.

This is just a very vague description. Please ask if you need help, the
others will help you.

Kind Regards,


View raw message