[
https://issues.apache.org/jira/browse/KNOX-644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15501935#comment-15501935
]
Kevin Risden commented on KNOX-644:
-----------------------------------
I was able to test it with the embedded ApacheDS server. I had to change the
following:
Add server.setMaxSizeLimit(LdapServer.NO_SIZE_LIMIT); to
SimpleLdapDirectoryServer constructor and connect with the admin user instead
of sam/sam-password.
Those two changes allowed the paging to work with the embedded ApacheDS server.
I would love to put up a comprehensive patch with tests, but won't get to it
this week most likely.
> Limit/page results of LDAP group membership search
> ---------------------------------------------------
>
> Key: KNOX-644
> URL: https://issues.apache.org/jira/browse/KNOX-644
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.6.0
> Reporter: Kevin Minder
> Priority: Critical
> Fix For: 0.10.0
>
> Attachments: KNOX-644-paging.patch, KNOX-644.patch, ad_setup.ps1,
> create_groups_ldif.py, paging.patch
>
>
> Some users are finding that they have >1000 groups that would be returned
> given how Knox currently implements group lookup. ActiveDirectory currently
> limits search results to 1000 items and this causes failures that require
> workarounds at the client side. Ideally Knox's LDAP group search
> implementation would either limit/filter the results or page the result set
> that are unavoidably large.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
