tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 9705] - Extra LDAP searches occur during JNDIRealm authentication
Date Mon, 17 Jun 2002 17:30:29 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9705>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9705

Extra LDAP searches occur during JNDIRealm authentication





------- Additional Comments From jemiller@uchicago.edu  2002-06-17 17:30 -------
Another way to rebind to the directory is to use the LdapContext.reconnect() 
method,

http://java.sun.com/j2se/1.4/docs/api/javax/naming/ldap/LdapContext.html#reconn
ect(javax.naming.ldap.Control[])

but since JNDIRealm is supposed to in theory be generic, I guess that may not 
be advisable. Also, I'm not sure if that is LDAPv3 specific or not. 
Personally, I'm a little surprised that there isn't a reconnect method in 
DirContext.

The reason ldapsearch returns "No such object" is because "" isn't a valid 
search base. Like you said, you're calling DirContext.getAttributes() to force 
a bind to the directory and you don't care what the results are, so, it's no 
big deal, I was just wondering why it was doing that query initially. Since 
DirContext has no reconnect method, it doesn't look like you have much of a 
choice.

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message