[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: faked transactions
> -----Original Message-----
> From: Nahuel Greco [mailto:ngreco@axonsis.com.ar]
> On Wed, 14 May 2003 02:43:30 -0700
> "Howard Chu" <hyc@highlandsun.com> wrote:
> > You could create a proxy server for the clients. The proxy
> would never break
> > its connections to the clients, but could redirect itself
> to one of the
> > slaves whenever the administrator completed a transaction.
> With the current
> > OpenLDAP release you can accomplish this like so:
> >
> > admin --> LDAP Referral Server
> > regular database:
> > o=myorg
> > ref: ldap://data1:port/o=myorg
> > LDAP Client Server
> > back-ldap database
> > o=myorg
> > points to LDAP Referral Server
> > LDAP Data Servers (2 instances)
> > o=myorg
> >
>
> If I understand the following paragraph, then the previous graph is
> wrong, the admin will connect to one of the data servers
> directly, not
> using the referral server (or connecting to the referal server but
> using another DN that the clients). I'm correct?
Yes, the admin updates the data servers directly. The admin must also modify
the referral object after completing a transaction, to make the modifications
visible to the clients.
> This configurations seems ok, but I have a question: If a
> client is making
> a long search in data2 (via the back-ldap server), and in the middle
> of that search you change the referral to point data1, what
> happens with
> that long search? continues on data2 and returns valid data?
Yes. The referral is only read once, at the very beginning of the operation.
After back-ldap processes the referral, it gets pointed to (e.g.) data2 and
then the entire operation executes there, regardless of what else happens to
the referral.
One more point to note - if a long search is in progress while the admin
toggles the servers, the admin must wait for the searches to complete before
beginning any new modifications. Otherwise the new mods could distort the
client's search results.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support