[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
base referrals issue/idea?
As there appears to be no archive, this may have been asked and
answered. I suppose I should have asked about this at IETF, but I was
just thinking about an issue that could be in the referrals document
(which is now going to be split apparently).
In draft-ietf-ldapext-referral-00.txt, several different examples for
named referrals are discussed. It seems to me that one example might be
missing.
Suppose I do a base search for something like:
cn=Chris Lukas,o=UW,c=us
with a filter of (objectclass=*).
If I perform this search on the server that holds the "o=UW,c=us"
subtree (call it server 1), I'll obviously get the correct entry.
Now, suppose I'm searching on a different server (call it server 2) than
the one that holds the "o=UW,c=us" subtree, but server 2 has a referral
entry for that "o=UW,c=us" entry that points to server 1.
I perform a subtree search with base of "o=UW,c=us" and filter of
"(cn=Chris Lukas)"; a referral is returned from server 2, and my client
contacts server 1 and gets the correct entry.
Now, suppose I perform a BASE search for "cn=Chris Lukas,o=UW,c=us" on
server 2. Now, server 2 does not have a "cn=Chris Lukas,o=UW,c=us"
entry with or without a ref attribute in it. This leads to my question,
what is server 2 going to return here?
According to RFC2251: "If the contacted server does not hold the base
object for the search, then it will return a referral to the client."
What this referral is doesn't seem to be defined -- it could be the
"default referral" or it could be something else it seems.
I would argue that server 2, in the last example above, should notice
that, while it does not contain the "cn=Chris Lukas,o=UW,c=us" entry, it
DOES contain an "o=UW,c=us" entry and since the "o=UW,c=us" entry has a
"ref" attribute, it should return that referral.
The point of this is that it would be painful to put a referral for each
and every entry under "o=UW,c=us" into server 2, and the point (in my
mind) of having an "o=UW,c=us" entry in server 2 with a referral to
server 1 is to transparently send the client to the right place. It
seems especially useful for server 2 to not simply refer the client to
some generic "I don't know" server because server 2 does, in fact, know
where the record is.
I think that the document describe something like: "On a base search, if
the server does not hold the base object requested by the client but
does hold an entry with a 'ref' attribute for part of the DN of the
requested object, the server should return the referral from that
entry."
Does this make sense? I would appreciate any clarification if I'm
misunderstanding something.
Thanks.
- Chris
------------------------
Christopher E. Lukas
Internet Scout Project
http://scout.cs.wisc.edu