On 04/10/2017 02:25 PM, Emmanuel Lécharny wrote:
>
>
> Le 10/04/2017 à 12:46, Maiorano Pasquale a écrit :
>> Dear Sirs,
>> I have the following problem: If I bind a user with a wrong password the
>> method bind of the class LDAConnection does not raise any excpetion even if
>> investigating in the “bindResp.getLdapResult().getDiagnosticMessage()”
>> actually it returns the following string “Diagnostic message
>> :INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user
>> cn=Antonio Valentino,o=DEM.”
>> Is it the correct behavior of the LDAPConnection bind method not returning
>> any Exception?
>
> Yes. It was a design decision. Exception are for exceptional conditions
> (like a timeout, or any other error that we can't control).
>
> When you have a success, or a failure, the BindResponse convey the
> reason, and this is where you are going to have the best possible
> explanation about the bind error.
>
> Grab the ldapResult, and check the error code, which should be SUCCESS.
>
> LdapResponse bindResponse = connection.bind( blah );
>
> if ( bindResponse.getLdapResult().getResultCode() !=
> ResultCodeEnum.SUCCESS )
> {
> // Deal with the error...
> }
But there are two different type of methods:
LdapConnection.bind(String name, String credentials) - this throws e.g.
LdapAuthenticationException if you provide the wrong password
LdapConnection.bind(BindRequest bindRequest) - this only throws an
exception if e.g. an I/O error occurs, otherwise returns a BindResponse
object with LDAP response code etc.
I think that's consistent with other LDAP operations: The methods that
take a dedicated "Request" object and return a "Response" object don't
throw an exception for LDAP results != "SUCCESS". The other simple
methods throw an LdapOperationException if the LDAP operation was not
successful.
That's also described here (WIP):
https://directory.apache.org/api/user-guide/2-basic-ldap-api-usage.html
Kind Regards,
Stefan
