Return-Path: X-Original-To: apmail-directory-api-archive@minotaur.apache.org Delivered-To: apmail-directory-api-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B587733F8 for ; Fri, 6 May 2011 21:29:53 +0000 (UTC) Received: (qmail 37981 invoked by uid 500); 6 May 2011 21:29:53 -0000 Delivered-To: apmail-directory-api-archive@directory.apache.org Received: (qmail 37953 invoked by uid 500); 6 May 2011 21:29:53 -0000 Mailing-List: contact api-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: api@directory.apache.org Delivered-To: mailing list api@directory.apache.org Received: (qmail 37945 invoked by uid 99); 6 May 2011 21:29:53 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 06 May 2011 21:29:53 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,RFC_ABUSE_POST,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of akarasulu@gmail.com designates 74.125.82.44 as permitted sender) Received: from [74.125.82.44] (HELO mail-ww0-f44.google.com) (74.125.82.44) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 06 May 2011 21:29:47 +0000 Received: by wwa36 with SMTP id 36so3937425wwa.1 for ; Fri, 06 May 2011 14:29:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=k7Z4ks+ARm7UVn7RjoChJeHfdA7/n9v7pkZ61c5YxY4=; b=MBIuJK/ixyCVYDfJopWxaJXDHYMrpjFMOtbUqapRZ4uFuv+Jle6CD2EjibYVIyOpr6 t1en5prXVDuagIpKC6xEBQJVosQkRx55TIrR4eUalR6SB9Q7fCQnEBJsMw/SXXZMHMlI OEyIvkKLpQUWxxZD8H2dDYCOhUsXiJsylgVBg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; b=BUFK/irfuE1It+LQbnRA+yJwe+nfSS+tOdxwMFs0ZoepeobPugP6ldAfuWnT7JH7k5 s1yvUaqUAt2eBocU1pcF1nLnvPWqnm+JyKITgaIaF1tqVVfYP5SLFLyY7RC0/IFDv3pm 9DK8wl7+PixtW+hOS6sqsgqnwNHbYiKldFmAY= MIME-Version: 1.0 Received: by 10.216.241.132 with SMTP id g4mr88736wer.9.1304717366679; Fri, 06 May 2011 14:29:26 -0700 (PDT) Sender: akarasulu@gmail.com Received: by 10.216.237.142 with HTTP; Fri, 6 May 2011 14:29:26 -0700 (PDT) In-Reply-To: References: Date: Sat, 7 May 2011 00:29:26 +0300 X-Google-Sender-Auth: rAvWhKLOOX4SlvjkVfQ5HsdcsUw Message-ID: Subject: Re: Reading Binary Attributes From: Alex Karasulu To: api@directory.apache.org Content-Type: multipart/alternative; boundary=e0cb4e43d1b92c58fd04a2a22fd0 X-Virus-Checked: Checked by ClamAV on apache.org --e0cb4e43d1b92c58fd04a2a22fd0 Content-Type: text/plain; charset=ISO-8859-1 On Fri, May 6, 2011 at 5:34 PM, Stefan Seelmann wrote: > On Fri, May 6, 2011 at 3:30 PM, Daniel Fisher wrote: > >>> Specifying BinaryAttributeDetectors might also be interesting in the > case where the server does not advertise the location of the its schema in > the RootDSE. But it would leave the connection being halfway schema aware, > which might be complicated to handle at first sight. > >>> Something we can discuss about though. > >>> > >> yeah, the problem here is to link such a mechanism into the schema > >> manager, but honestly I don't think it is a good > >> idea to let user define some behavior to handle the attribute type > >> apart from what is already defined in the schema through syntax. > >> > >> OTOH this conversation makes me think that we should also make > >> connection schema aware by default, instead of the current choice > >> of letting users call loadSchema() to make it schema aware. > > > > I think you want to support both behaviors. The vast majority of LDAP > > clients do not need to be schema aware. They just need to read strings > > (and sometimes bytes) from the server. Forcing a client to synchronize > > schema updates with their server would place an undue burden on > > application deployers that depend on LDAP. > > I agree with Daniel. LDAP is often used to authenticat users, so only > a connect and bind is required. In that case loading the schema would > be too expensive. > +1 Absolutely expensive! > Another thing: the schema may be big, say up to an Megabyte. So you > don't want to load the schema on each connect/bind. In Studio we cache > the schema based on the createTimestamp/modifyTimestamp of the > subschemaSubentry entry, but that's quite tricky and doesn't always > work. > > Yes a nice optimization if available. > Loading the schema is also dependent from the access control rules. > Some servers don't allow reading the schema for non-admin users. So in > that case the connection can't be made schema-aware. > > Yep. > And using the built-in schema doesn't make sense at all, IMHO. If we > don't know what the other server is it doesn't make sense to assume > the schema would match. > +1 > > > If you don't like exposing the BinaryAttributeDetector, you could > > simply store the raw byte[] in the Attribute along with the UTF-8 > > encoded string for every attribute. If I remember correctly this is > > what JLDAP does. Clients would then have the flexibility to use either > > data type regardless of the schema. > > That's a great idea, +1 > +1 Alex --e0cb4e43d1b92c58fd04a2a22fd0--