Hi, I have 2 "features" that I think would be of great value to the LDAPTransformer. I have already begun working on a patch to implement both.
1) In order to use SSL for LDAP (ldaps) while using a JDK prior to 1.4.2, I suggest that an additional optional attribute be added - "securityprotocol". Please reference: http://java.sun.com/products/jndi/tutorial/ldap/security/ssl.html This outlines 2 methods of making an ssl connects, one using the "ldaps" protocol, and the other using the "SSL Socket Property", which is not currently available in the LDAPTransformer. Also please note on the page, the section on "Using the LDAPS URL" states explicitly that "LDAPS URLs are supported only in Java 2 SDK, v1.4.2 and later releases." If this attribute were set, then it would get set in the env, i.e. if (securityprotocol != null) { env.put(Context.SECURITY_PROTOCOL, securityprotocol); } 12345678901234567890123456789012345678901234567890123456789012345678901234567890 2) Each entry returned needs to have its DN included. You can not reliably reconstruct the dn from the searchbase and an entry's attribute. In order to obtain the true dn, at the code level you have to do something like: String dn = sr.getName() + "," + ldapSearchBase; What I'm still pondering is whether the dn should simply be returned as an another attribute (i.e. a sub-element of row-element), or if it should be elevated to an attribute of the row-element. Comments on both of these are more than welcome. And PLEASE let me know if anyone has already engaged either or both of these issues. I did research both on Bugzilla and the cocoon-dev archives, and did not find anything addressing either of these. Once I have my patch complete, I will submit it via Bugzilla. Regards, David Day
