[
https://issues.apache.org/jira/browse/DIRSERVER-1651?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13094893#comment-13094893
]
Emmanuel Lecharny commented on DIRSERVER-1651:
----------------------------------------------
well, as soon as you need to authenticate to be able to send the first request,
I assume it's quite unlikely to have somebody spoofing a cookie...
> rfc 4533 implementation differences between openldap and apacheDS
> -----------------------------------------------------------------
>
> Key: DIRSERVER-1651
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1651
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 2.0.0-M2
> Reporter: Hajo Kliemeck
> Labels: 4533, openldap, syncrepl
>
> Tthere is an incompatibility between the RFC 4533 implementation of apacheDS
> and openldap.
> openldap uses the cookie structure "rid=<replicaId>" (initial) or
> "rid=<replicaId>,csn=<Csn value>" (update) while apacheDS is using NULL for
> the initial state and the structure "<replicaId>;<Csn value>" for the update
> state. in the RFC its said:
> {quote}
> The absence of a cookie or an initialized synchronization state in a cookie
> indicates a request for initial content.....
> {quote}
> first is apacheDS like, second is openldap like
> It should be possible to adapt the structure or the behavior.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
