directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: bind response is too detailed
Date Mon, 30 Mar 2015 11:32:23 GMT
Hi John,

On Fri, Mar 27, 2015 at 7:07 PM, John Strockmeyer <
john.strockmeyer@gmail.com> wrote:

> Hello. I have had this dilemma for some time now. The problem is that the
> response following an unsuccessful bind contains too much information, and
> there does not seem to be a way to break it down into individual parts. I
> am using ApacheDS 2.0.0-M18, and its response consists of three parts that
> I am interested in:
> 1) The very first line of a diagnostic message, which may look something
> like this:
>        *Diagnostic message : 'INVALID_CREDENTIALS: Bind failed: account was
> permanently locked*
> 2) The exception stack that follows immediately after the line in 1.
> 3) Bind request, which is at the tail end of the response.
>
> Here are my issues.
> 1) There is no way to isolate the first line, which should really be
> equivalent to Exception.getMessage(). For instance, if some remote
> web-based client fails to login into my web application, there is no way to
> specifically notify him about the problem, as I am forced to send him the
> entire three-part response, which is too much to display in a popup.
> 2) The exception stack should be retrieved the same way that all stacks are
> instead of being part of the actual message.
> 3) The bind request portion at the end of the response contains a password
> in cleartext. Typically I would not mind it. But since there is no way to
> break down the response, I am forced to send this back to the client along
> with the other two response parts, creating a possible security problem.
>
> My question is if there is a way to retrieve individual portions of the
> response? I have looked through the API and could not figure it out. If
> there is no way, is there perhaps an intention in the future releases to
> break the response down into the parts I mentioned earlier?
>
 I am going to look into this during the next weekend

>
> Thank you.
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message