directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Seelmann <>
Subject Re: LDAPConnection seems not raise the LDAPException
Date Mon, 10 Apr 2017 21:10:58 GMT
On 04/10/2017 02:25 PM, Emmanuel Lécharny wrote:
> Le 10/04/2017 à 12:46, Maiorano Pasquale a écrit :
>> Dear Sirs,
>> I have the following problem: If I bind a user with a wrong password the method bind
of the class LDAConnection does not raise any excpetion even if investigating in the “bindResp.getLdapResult().getDiagnosticMessage()”
actually it returns the following string “Diagnostic message :INVALID_CREDENTIALS: Bind
failed: ERR_229 Cannot authenticate user cn=Antonio Valentino,o=DEM.”
>> Is it the correct behavior of the LDAPConnection bind method not returning any Exception?
> Yes. It was a design decision. Exception are for exceptional conditions
> (like a timeout, or any other error that we can't control).
> When you have a success, or a failure, the BindResponse convey the
> reason, and this is where you are going to have the best possible
> explanation about the bind error.
> Grab the ldapResult, and check the error code, which should be SUCCESS.
>     LdapResponse bindResponse = connection.bind( blah );
>     if ( bindResponse.getLdapResult().getResultCode() !=
> ResultCodeEnum.SUCCESS )
>     {
>         // Deal with the error...
>     }

But there are two different type of methods:

LdapConnection.bind(String name, String credentials) - this throws e.g.
LdapAuthenticationException if you provide the wrong password

LdapConnection.bind(BindRequest bindRequest) - this only throws an
exception if e.g. an I/O error occurs, otherwise returns a BindResponse
object with LDAP response code etc.

I think that's consistent with other LDAP operations: The methods that
take a dedicated "Request" object and return a "Response" object don't
throw an exception for LDAP results != "SUCCESS". The other simple
methods throw an LdapOperationException if the LDAP operation was not

That's also described here (WIP):

Kind Regards,

View raw message