Re: Connection : Simple Bind operation

Thu, 11 Feb 2010 11:17:14 -0800 

On 2/11/10 7:59 PM, Stefan Seelmann wrote:

Emmanuel Lecharny wrote:



In any case, the password is an Octet String, ie a byte[]. The user 
is always a DN when doing a simple bind.



At least to Active Directory you can bind with a username like 
u...@domain. So the API should allow a non-DN user.

Bloody M$ !!! Yeah, you are right. Then the bind( String, String/byte[]) 
should not check that the user is a valid DN.



Some last consideration : if we are to support asynchronous 
operations, then we need to make this explicit.


I suggest we keep it simple from the user pov, considering that :
- users will mainly do synchronous operations
- anonymous bind must be easy to code



what if the user forgets to call a "bind" method but just calls 
another operation? Should we check that at the client? Should we do an 
implicit anyonymous bind?

This is perfectly valid. You can do a straight search() without having 
done a previous bind() : the server should assume that it's an anonymous 
bind.



- we want to make it explicit that the async mode is used
- and we don't want zillion of methods.


So every method bind(...) will have a equivalent async method 
bindAsync(), the anonymous bind will be a bind() method without 
parameters, the password can be either a String or a byte[], and the 
user can be either a String or a DN :


synchronous :
* bind()  anonymous bind

* bind( String userDN, String password ): simple bind (if the 
password is null, this will be the unauthenticated bind)

* bind( String userDN, String password )
* bind( DN userDN, String password )
* bind( String userDN, byte[] password )
* bind( DN userDN, byte[] password )
* bind( BindRequest )



I'm not sure if we really need the variants with a byte[] password. 
The user has to type in the password somewhere, so in most cases the 
password is a string. If the user really wants to do it s/he must use 
a BindRequest.

That's an option, sure. In some case, the password can also be a binary 
value the user won't type (like with fingerprints, for instance). You 
have so many cool devices out there those days !!!



asynchronous :
* bindAsync()  anonymous bind

* bindAsync( String userDN, String password ): simple bind (if the 
password is null, this will be the unauthenticated bind)

* bindAsync( String userDN, String password )
* bindAsync( DN userDN, String password )
* bindAsync( String userDN, byte[] password )
* bindAsync( DN userDN, byte[] password )
* bindAsync( BindRequest )


Is there some handle returned by the async methods?

Yes, you get back a Future.


--
Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com
























					Reply via email to