[email protected] wrote: > I'm looking to better understand the relationship in packet ordering when it > comes to bind requests. As far as I've learned so far I can send a few ldap > requests and potentially get responses in an order that doesn't match what > i've sent. > > When it comes to, for example, sending a bind, a search, a bind (different > user), and a search, when I send those serially without waiting for a > response, are there any guarantees around getting successful bind responses > before search results? Is it guaranteed that I would get a bind result from > the second bind before search results from the second search? Is it > guaranteed the second bind result would come after the end of the first > search results, or might I receive the second bind result before the end of > the first set of search results (or even in the middle of the second set of > search results)? > > Then when it comes to server side processing, is it guaranteed that the first > search is executed with the authorization of the first bind, and second > search executed with the authorization of the second bind? Or is there a way > the second search is processed before the second bind? > > How does openldap manage changing authorization in the middle of an executing > search? If the first search is in flight and the second bind request comes > in, does the first search continue to execute and finish with the > authorization of the first bind?
No. RFC 4511 section 4.2 is explicit about this. > > Are you aware of clients or tools that leverage that multi request (without > waiting for a response) capacity of ldap? In what types of applications might > a client send many requests without waiting for any responses? Badly written applications that ignore the RFCs. > > Thanks for the consideration > Tom > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
