Hello,
> Also as a general rule the X.500 data model requires that a server
store and return exactly what the user provided.
please tell me where in X.500 you find this. I couldn't find it.
Instead I found (X.501 (2008), chapter 13.3.2 (" The object class
attribute") :
"Every entry shall contain an attribute of type objectClass to identify
the object classes and superclasses to which the entry belongs. The
definition of this attribute is given in 13.4.8. This attribute is
multi-valued.
There shall be one value of the objectClass attribute for the entry's
structural object class and a value for each of its superclasses. top
may be omitted."
This means - in my understanding - that the server has to set these
values for the attribute object class - one per superclass.
Regards, Jochen.
Am 22.03.2013 21:02, schrieb Howard Chu:
Michael Ströder wrote:
Manuel Gaupp wrote:
I don't think so, because RFC 4512, section 3.3 says:
"When creating an entry or adding an 'objectClass' value to an
entry,
all superclasses of the named classes SHALL be implicitly added as
well if not already present. [...]"
If I'm interpreting this correctly, the OpenLDAP behaviour is a bug.
Well, "implicitly added" is a bit vague to call it a bug since the
entries are
returned when searching for the superior object class.
In the sense that "implicit" is the opposite of "explicit" the
OpenLDAP behavior is exactly correct. Also as a general rule the X.500
data model requires that a server store and return exactly what the
user provided.
