[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Send Success with first found entry
- To: openldap-technical@openldap.org
- Subject: Re: Send Success with first found entry
- From: Dieter Klünter <dieter@dkluenter.de>
- Date: Tue, 1 Sep 2015 09:44:49 +0200
- In-reply-to: <EA7399765D4E5A44848CEFE00AE00BAC92E208@IPA-EX-MBX2.ipa.stuttgart>
- Organization: AVCI
- References: <EA7399765D4E5A44848CEFE00AE00BAC92DCCE@IPA-EX-MBX2.ipa.stuttgart> <20150828094542.4d11b0e9@pink.avci.de> <EA7399765D4E5A44848CEFE00AE00BAC92E208@IPA-EX-MBX2.ipa.stuttgart>
Am Tue, 1 Sep 2015 06:44:08 +0000
schrieb "Fischer, Johannes" <johannes.fischer@ipa.fraunhofer.de>:
> Hi Dieter,
>
> I've tried it with a quite accurate filter request:
> (&
> (cn=aaa)
> (objectClass=vfkUser)
> )
> Scope: singleLevel
> Sizelimit: 1
> Baseobject : cn=user, ...
>
>
> The only result have been transferred from the server after 2ms, but
> the success packet still need 2-3s.
>
> Do I have to edit something on the server side?
>
> Greetings John
>
> PS. the cn's in the entry 'cn=user' are unique...
This is rather strange, could you run slapd in debugging mode (-d-1) in
order to watch the internal process?
-Dieter
>
>
> -----Ursprüngliche Nachricht-----
> Von: openldap-technical
> [mailto:openldap-technical-bounces@openldap.org] Im Auftrag von
> Dieter Klünter Gesendet: Freitag, 28. August 2015 09:46 An:
> openldap-technical@openldap.org Betreff: Re: Send Success with first
> found entry
>
> Am Fri, 28 Aug 2015 05:42:37 +0000
> schrieb "Fischer, Johannes"
> <johannes.fischer@ipa.fraunhofer.de>http://ldapcon.org/2015/:
>
> > Hi again,
> >
> > more and more I get a feeling how all this work together. But often
> > you don't know what you actually need to look up...
> >
> > I've looked on the LDAP server of the Institute to get a feeling
> > how the real IT-guys managed their server... (It was a disaster
> > from a data protection perspective...) Some things were quit nice,
> > for example that the server send a "success" with the first found
> > entry in a subtree.
> >
> > On my openLDAP instance I receive a entry of a subtree after
> > 20-30ms but the success packet need 200ms. For me this behavior is
> > not clear due to the fact, that the entries in the directory need
> > to be unique.
> >
> > The Example:
> > I'm using the Spring security framework and trigger with
> > "ldapTemplate.lookup("cn=" + _name + ",dc=users");" a lookup. On
> > wireshark I see a search request with the scope "baseObject" and
> > The Filter "objectClass=*". After 33ms I receive a searchResEntry
> > packet, so the Server found something and could also stop. But I
> > think in the background all the other entries in the Subtree
> > "dc=users", are looked through also. After 230ms the success packet
> > arrive at my computer. (see also Attachment)
> >
> > My Question, is there a possibility to emit a success together with
> > the first found entry?
>
> In fact, this depends on your filter design. The rate of hits
> decreases with the degree of accuracy.
>
> -Dieter
>
>
>
> --
> Dieter Klünter | Systemberatung
> http://sys4.de
> GPG Key ID: E9ED159B
> 53°37'09,95"N
> 10°08'02,42"E
>
--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E