On 25/06/2021 15:51, Shawn McKinney wrote:
On Jun 24, 2021, at 8:43 PM, Emmanuel Lécharny <elecha...@gmail.com> wrote:
On 24/06/2021 20:38, Shawn McKinney wrote:
Moving onto the last hurdle for 2.0 migration…
To get the accelerator client talking with OpenLDAP RBAC overlay, for extended
operations.
Emmanuel, as I recall some time ago that the RBAC accelerator client would need
to be reworked when we moved to 2.0.
Do you recall what the issue was?
The ASN.1 encoding has been rewritten from scratch. The idea was to use a
preallocated buffer, which get filled from the end, instead of computing the
result size, allocate the buffer and fill it.
It saves the length computation cost most of the time (if the buffer gets too
small, we reallocate it)
OK
As it stands, I’m getting server side assertion failure. Before I jump to far
into this wanted to check with you.
If you want to look at the server side log, it’s here:
https://issues.apache.org/jira/browse/FC-238?focusedCommentId=17369035&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17369035
The logs aren't helful, there is not enough data in it (typically the received
PDU).
Do you have the extended operation code ?
The client code is locked in a private Gitlab repo but we may be able to
convince my employer to donate it or open it up.
The RBAC overlay (server side) has recently been added to OpenLDAP contrib
which will be part of the 2.5 codebase.
Which brings the question - where does the client belong? Should it be in
Fortress core, API, somewhere else?
Definitively Fortress.
The good thing is that the LDAP API is extensible, so there is no reason
to declare extensions in the core code base.
--
*Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE
T. +33 (0)4 89 97 36 50
P. +33 (0)6 08 33 32 61
emmanuel.lecha...@busit.com https://www.busit.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org
