Return-Path: 
 <dev-return-40413-apmail-directory-dev-archive=directory.apache.org@directory.apache.org>
X-Original-To: apmail-directory-dev-archive@www.apache.org
Delivered-To: apmail-directory-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id A81D79CCC
	for <apmail-directory-dev-archive@www.apache.org>;
 Fri, 17 Feb 2012 14:50:49 +0000 (UTC)
Received: (qmail 73540 invoked by uid 500); 17 Feb 2012 14:50:49 -0000
Delivered-To: apmail-directory-dev-archive@directory.apache.org
Received: (qmail 73510 invoked by uid 500); 17 Feb 2012 14:50:49 -0000
Mailing-List: contact dev-help@directory.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@directory.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@directory.apache.org>
List-Post: <mailto:dev@directory.apache.org>
List-Id: <dev.directory.apache.org>
Reply-To: "Apache Directory Developers List" <dev@directory.apache.org>
Delivered-To: mailing list dev@directory.apache.org
Received: (qmail 73503 invoked by uid 99); 17 Feb 2012 14:50:49 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Feb 2012 14:50:49 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of pajbam@gmail.com designates
 74.125.82.178 as permitted sender)
Received: from [74.125.82.178] (HELO mail-we0-f178.google.com) (74.125.82.178)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Feb 2012 14:50:41 +0000
Received: by werb12 with SMTP id b12so2597375wer.37
        for <dev@directory.apache.org>; Fri, 17 Feb 2012 06:50:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=sender:from:content-type:subject:date:message-id:to:mime-version
         :x-mailer;
        bh=ns2KDQ/EnROalMmB4V1GhM0qdNpFEMJDyE6jp6Lz+ak=;
        b=YmOLIFtMTLC40geJrft0jjkqwN3w09A6FC/ztXydhyunIvN3r/3Oa71MLdfdLDngLG
         tgCWliVNAOYYsfzu8hqr09ofWCSDVraDs3QSQuKzlS+KL7KODXg+d3zBdTV6CGEmk6/b
         Itnd1AuPd8iU/EQVpLEnnOjY3VJz4hystUxvU=
Received: by 10.180.81.66 with SMTP id y2mr4219613wix.20.1329490220228;
        Fri, 17 Feb 2012 06:50:20 -0800 (PST)
Received: from [192.168.0.12] (lon92-10-78-226-4-211.fbx.proxad.net.
 [78.226.4.211])
        by mx.google.com with ESMTPS id s2sm36296313wix.3.2012.02.17.06.50.17
        (version=TLSv1/SSLv3 cipher=OTHER);
        Fri, 17 Feb 2012 06:50:19 -0800 (PST)
Sender: Pierre-Arnaud Marcelot <pajbam@gmail.com>
From: Pierre-Arnaud Marcelot <pa@marcelot.net>
Content-Type: multipart/alternative;
 boundary="Apple-Mail=_168098E1-3DA2-4131-AF57-703426A1D0DE"
Subject: [Studio][API] Binary attributes corruption issue
Date: Fri, 17 Feb 2012 15:50:16 +0100
Message-Id: <6F5D30FA-F438-4784-AB67-C8CF389EED65@marcelot.net>
To: Apache Directory Developers List <dev@directory.apache.org>
Mime-Version: 1.0 (Apple Message framework v1257)
X-Mailer: Apple Mail (2.1257)


--Apple-Mail=_168098E1-3DA2-4131-AF57-703426A1D0DE
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=iso-8859-1

Hi guys,

Just a status report on the major issue we have in the API and Apache =
Directory Studio regarding binary attributes corruption.

For more background about this, read the following JIRA issues:
- [1] DIRAPI-78 (Binary attributes are not correctly recognized and are =
retrieved with data corruption)
- [2] DIRSTUDIO-772 (Entry UUID Editor can't display eDirectory GUID)
- [3] DIRSTUDIO-764 (Image Editor does not work correctly)

In a nutshell, due to the lack of schema manager, the LDAP API, which is =
used inside Studio, has no knowledge about binary attributes and handles =
all values as if they were string value.
Do so, for binary attributes, the received data is not correct and ends =
up being corrupted.

In order to fix this issue, Emmanuel and I worked on adding 2 ways for =
users to have binary attributes handled correctly.

1=B0/ The lightweight solution: the BinaryAttributeDetector

A DefaultConfigurableBinaryAttributeDetector class has been added to the =
configuration of an LDAP connection.
By default it includes a list of known binary attributes and methods to =
add and removed values to/from this list.
A user can also provide his own detector implementation via the =
BinaryAttributeDetector interface.

When the LDAP connection retrieves a new attribute value from a server, =
it will check via the BinaryAttributeDetector whether or not the =
attribute is binary and get the value according to this flag.

This first simple solution has been completely implemented and works =
fine for both the API and Studio.

2=B0/ The complete solution: loading the remote schema

The second solution is to make the connection schema-aware by allowing =
the load of the schema remotely.
It requires a lot more work as we're trying to load the whole schema of =
the server via LDAP through the SubSchemaSubEntry.

This solution is much more complex to implement than it seems and there =
are a lot of different corner cases:
- whether or not the SubSchemaSubEntry is exposed
- the kind of server (ApacheDS, OpenLDAP, OpenDJ, Active Directory, etc)
- is the schema complete and correct?

The more we implement this solution, the more we're hitting important =
issues with the internal design of the schema and how it is loaded =
(through the schema manager).

Implementing this second solution requires heavy refactoring of several =
crucial parts of the code (schema elements, schema loading objects, =
etc.) and might take longer than expected.

In the meantime, users of Studio and the LDAP API keep getting corrupted =
values for binary attributes. :(

I'd like to propose that we provide a new milestone for both projects =
(Studio 2.0 M3 and LDAP API 1.0 M11) that includes only the first =
solution (we also already have 15 resolved issues pending for Studio and =
5 for API).

The second solution could then take place in the next milestone and we =
could take the appropriate amount of time to implement it correctly.

WDYT?

Regards,
Pierre-Arnaud

[1] - https://issues.apache.org/jira/browse/DIRAPI-78
[2] - https://issues.apache.org/jira/browse/DIRSTUDIO-772
[3] - https://issues.apache.org/jira/browse/DIRSTUDIO-764=

--Apple-Mail=_168098E1-3DA2-4131-AF57-703426A1D0DE
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=iso-8859-1

<html><head></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hi =
guys,<div><br></div><div>Just a status report on the major issue we have =
in the API and Apache Directory Studio regarding binary attributes =
corruption.</div><div><br></div><div>For more background about this, =
read the following JIRA issues:</div><div>- [1] DIRAPI-78 (Binary =
attributes are not correctly recognized and are retrieved with data =
corruption)</div><div>- [2] DIRSTUDIO-772 (Entry UUID Editor can't =
display eDirectory GUID)</div><div>- [3]&nbsp;DIRSTUDIO-764 (Image =
Editor does not work correctly)</div><div><br></div><div>In a nutshell, =
due to the lack of schema manager, the LDAP API, which is used inside =
Studio, has no knowledge about binary attributes and handles all values =
as if they were string value.</div><div>Do so, for binary attributes, =
the received data is not correct and ends up being =
corrupted.</div><div><br></div><div>In order to fix this issue, Emmanuel =
and I worked on adding 2 ways for users to have binary attributes =
handled correctly.</div><div><br></div><div>1=B0/ The lightweight =
solution: the =
BinaryAttributeDetector</div><div><br></div><div>A&nbsp;DefaultConfigurabl=
eBinaryAttributeDetector class has been added to the configuration of an =
LDAP connection.</div><div>By default it includes a list of known binary =
attributes and methods to add and removed values to/from this =
list.</div><div>A user can also provide his own detector implementation =
via the&nbsp;BinaryAttributeDetector =
interface.</div><div><br></div><div>When the LDAP connection retrieves a =
new attribute value from a server, it will check via =
the&nbsp;BinaryAttributeDetector whether or not the attribute is binary =
and get the value according to this flag.</div><div><br></div><div>This =
first simple solution has been completely implemented and works fine for =
both the API and Studio.</div><div><br></div><div>2=B0/ The complete =
solution: loading the remote schema</div><div><br></div><div>The second =
solution is to make the connection schema-aware by allowing the load of =
the schema remotely.</div><div>It requires a lot more work as we're =
trying to load the whole schema of the server via LDAP through the =
SubSchemaSubEntry.</div><div><br></div><div>This solution is much more =
complex to implement than it seems and there are a lot of different =
corner cases:</div><div>- whether or not the&nbsp;SubSchemaSubEntry is =
exposed</div><div>- the kind of server (ApacheDS, OpenLDAP, OpenDJ, =
Active Directory, etc)</div><div>- is the schema complete and =
correct?</div><div><br></div><div>The more we implement this solution, =
the more we're hitting important issues with the internal design of the =
schema and how it is loaded (through the schema =
manager).</div><div><br></div><div>Implementing this second solution =
requires heavy refactoring of several crucial parts of the code (schema =
elements, schema loading objects, etc.) and might take longer than =
expected.</div><div><br></div><div>In the meantime, users of Studio and =
the LDAP API keep getting corrupted values for binary attributes. =
:(</div><div><br></div><div>I'd like to propose that we provide a new =
milestone for both projects (Studio 2.0 M3 and LDAP API 1.0 M11) that =
includes only the first solution (we also already have 15 resolved =
issues pending for Studio and 5 for API).</div><div><br></div><div>The =
second solution could then take place in the next milestone and we could =
take the appropriate amount of time to implement it =
correctly.</div><div><br></div><div>WDYT?</div><div><br></div><div>Regards=
,</div><div>Pierre-Arnaud</div><div><br></div><div>[1] -&nbsp;<a =
href=3D"https://issues.apache.org/jira/browse/DIRAPI-78">https://issues.ap=
ache.org/jira/browse/DIRAPI-78</a></div>[2] -&nbsp;<a =
href=3D"https://issues.apache.org/jira/browse/DIRSTUDIO-772">https://issue=
s.apache.org/jira/browse/DIRSTUDIO-772</a><div>[3] -&nbsp;<a =
href=3D"https://issues.apache.org/jira/browse/DIRSTUDIO-764">https://issue=
s.apache.org/jira/browse/DIRSTUDIO-764</a></div></body></html>=

--Apple-Mail=_168098E1-3DA2-4131-AF57-703426A1D0DE--