LdapNetworkConnection. add eating exceptions

Mon, 05 Apr 2021 11:30:38 -0700 

Hello,

Stumbled on this today.  The error occurs adding entry to directory and 
constraint violation occurs.  The error is expected as I’m manipulating an pw 
policy attribute that is DSA controlled.  

I’ve changed the code on adds to be able to forward the DSA control:

```
AddRequest addRequest = new AddRequestImpl();
addRequest.setEntry( entry );
if ( setManagedDsa )
{
   ManageDsaIT mControl =  new ManageDsaITImpl();
   mControl.setCritical( true );
   addRequest.addControl( mControl );
}
AddResponse response = connection.add( addRequest );
```

FWIW I’ve also done it this way:

```
addRequest.addControl( new ManageDsaITImpl(); );
```

With this newly modified code I wouldn’t expect to get an error from server, 
but let’s set that concern aside for a moment.

What I REALLY don't expect is for the server exception to be eaten by the API. 

It happens line 566 of class (v1.3):


  } else {
      LOG.debug("Add failed : {}", addResponse);
            }

I’ve stepped through it, the server returns in response to the add (with 
pwpolicy operational attr):

```
Ldap Result
    Result code : (CONSTRAINT_VIOLATION) constraintViolation
    Matched Dn : ''
    Diagnostic message : 'pwdPolicySubentry: no user modification allowed’
```

A more complete excerpt of LDAP API code add method:


```
LdapNetworkConnection
    public AddResponse add(AddRequest addRequest) throws LdapException {
        ...
        
    try {
        AddResponse addResponse = (AddResponse)addFuture.get(this.timeout, 
TimeUnit.MILLISECONDS);
        if (addResponse == null) {
            LOG.error("Add failed : timeout occurred");
            throw new LdapException("TimeOut occurred");
        } else {
            if (addResponse.getLdapResult().getResultCode() == 
ResultCodeEnum.SUCCESS) {
                LOG.debug("Add successful : {}", addResponse);
            } else {
                LOG.debug("Add failed : {}", addResponse);
            }

            return addResponse;
        }
        …
```

Please advise on if you think this is a bug (eating exception).  I’ll follow-up 
with another thread on the *why* the server's returning the exception in the 
first place but I need to investigate a bit more (may be problem on server 
OpenLDAP 2.5.3 beta).

—
Shawn


---------------------------------------------------------------------
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org

Reply via email to