[ANNOUNCE] Apache Directory Studio 2.0 M3 released
The Apache Directory Team is pleased to announce the release of Apache Directory Studio 2.0 M3, the third milestone release of the version 2.0 of its Eclipse based LDAP Browser and Directory client. You can download Apache Directory Studio 2.0 M3 as a standalone RCP application for Mac OS X, Linux and Windows here: http://directory.apache.org/studio/2.0/download You can install it directly in Eclipse using this update site: http://directory.apache.org/studio/update/2.x/ Here are a few highlights of the 2.0 version: * The Apache Directory LDAP API has now been integrated in Apache Directory Studio: ** it is used as default network provider (as a replacement for JNDI - which is still selectable) ** and also in the Schema Editor plugin for checking the schema inconsistencies * A new LDAP Servers plugin has been introduced and replaces the ApacheDS plugin: ** it provides an open way to include LDAP Server adapters which allows you create and run a new LDAP Server within seconds ** LDAP Server adapters are provided for all ApacheDS versions from 1.5.3 to the latest milestone 2.0 M6). * A new ApacheDS 2.0 Configuration plugin takes care of editing the configuration of a 2.0 ApacheDS instance: ** it reads the configuration from the LDIF configuration file on the filesystem ** it can also read the configuration via LDAP using a connection defined in the LDAP Browser * The RCP application is based on the latest version of Eclipse (3.7.1): ** it is provided in two versions (32 bit and 64 bit) for each major operating system (Mac OS X, Linux Windows) * There are a lot more new additions, improvements and bug fixes Here is the release note for Apache Directory Studio 2.0 M3: Bug * [DIRSTUDIO-764] - Image Editor does not work correctly * [DIRSTUDIO-765] - Can not export DSML * [DIRSTUDIO-767] - All attribute names are lowercase when using Apache Directory LDAP Client API * [DIRSTUDIO-768] - Error while searching using a filter on a binary attribute * [DIRSTUDIO-769] - Alt-S shortkey does not work in Search Dialog * [DIRSTUDIO-770] - Typos in french translation * [DIRSTUDIO-771] - Searches are not saved when closing Studio 2.0 M1/M2 * [DIRSTUDIO-772] - Entry UUID Editor can't display eDirectory GUID * [DIRSTUDIO-773] - IllegalArgumentException thrown when copying the RootDSE * [DIRSTUDIO-776] - Misleading title for action Open 'Search Result'/'Bookmark'/'Entry' in DIT in LDAP Browser view context menu * [DIRSTUDIO-777] - Renaming entry fails when using Apache Directory LDAP API * [DIRSTUDIO-778] - NullPointerException when refreshing a TableEntryEditor * [DIRSTUDIO-779] - Label for folded attributes in TableEntryEditor is not updated when quick filter is used * [DIRSTUDIO-783] - The 'Rename Entry' dialog doesn't resize automatically when adding or removing RDN parts Improvement * [DIRSTUDIO-713] - Improve the 'Show in' sub-menu of the TableEntryEditor * [DIRSTUDIO-780] - Allow Apache Directory Studio to be pinned to Windows 7's taskbar * [DIRSTUDIO-782] - Improve Windows installer with JRE detection and creation of 'Apache Directory Studio.ini' file * [DIRSTUDIO-784] - Add the ability to sort searches in the LDAP Browser view * [DIRSTUDIO-785] - Add the ability to sort bookmarks in the LDAP Browser view The Apache Directory Team
ava.io.EOFException: ERR_00021 EOF encountered in middle of object; org.apache.directory.shared.asn1.der.ASN1InputStream.readFully
Hi,
Hope I am posting to the right list. If not, please let me know.
I am trying to use the
org.apache.directory.server.kerberos.shared.io.decoder.KdcReplyDecoder and the
ErrorMessageDecoder classes to parse an AS_REP message and an error message (In
response to an AS_REQ request).
However, in both cases, I got the following error:
+ ERROR BEGINS +
java.io.EOFException: ERR_00021 EOF encountered in middle of object.
at
org.apache.directory.shared.asn1.der.ASN1InputStream.readFully(ASN1InputStream.java:176)
at
org.apache.directory.shared.asn1.der.ASN1InputStream.readObject(ASN1InputStream.java:523)
at
org.apache.directory.server.kerberos.shared.io.decoder.KdcReplyDecoder.decode(KdcReplyDecoder.java:64)
at SimpleDecoder.parseMessages(SimpleDecoder.java:25)
at SimpleDecoder.main(SimpleDecoder.java:39)
+ ERROR ENDS +
In the following code, these messages are copied from real Kerberos traffic and
they can be parsed by Wireshark.
What have I done wrong?
Thank you.
Steve
++ CODE BEGINS ++
import java.nio.ByteBuffer;
import org.apache.directory.server.kerberos.shared.io.decoder.*;
import org.apache.directory.server.kerberos.shared.messages.*;
public class SimpleDecoder {
private String asErrorStr =
7e82010e3082010aa003020105a10302011ea411180f3230313230323137303933355aa505020303b5daa603020119a9131b1143525950544f2e43532e4a4d552e454455aa263024a003020102a11d301b1b066b72627467741b1143525950544f2e43532e4a4d552e454455ac81a104819e30819b3078a103020113a271046f306d3020a003020111a1191b1743525950544f2e43532e4a4d552e45445577616e6778783005a0030201173020a003020103a1191b1743525950544f2e43532e4a4d552e45445577616e6778783020a003020101a1191b1743525950544f2e43532e4a4d552e45445577616e6778783009a103020102a20204003009a103020110a20204003009a10302010fa2020400;
private String asRepStr =
6b82055f3082055ba003020105a10302010ba231302f302da103020113a226042430223020a003020111a1191b1743525950544f2e43532e4a4d552e45445577616e677878a3131b1143525950544f2e43532e4a4d552e454455a4133011a003020101a10a30081b0677616e677878a58203e1618203dd308203d9a003020105a1131b1143525950544f2e43532e4a4d552e454455a2263024a003020102a11d301b1b066b72627467741b1143525950544f2e43532e4a4d552e454455a38203933082038fa003020117a103020102a28203810482037d644c4202420dc2f8777101f929a1bbe5882d1b53514612b9562722caf3bbde64a3d92a9b46204dfc453e03eed6a2950955c40a7ce04b1bc0b725614ea7a34885903d544de4339e1218e3afc0438598eab59d2fbb59bdec951df6055ecc449dfc041534d125a71851fb9de91eec35af9d8c588a32929e1ea31fdd8d40987af5cdaa70f6ad06cac744cf7989be7c668a4d0af97cf3865e5070c6ff44d3f1abf3fbae432e3336d8b4d06daa0181c98485f4d331d29fafd01a0625673ba3dd9fe65f4317f3c4fa3c45a26ccc3caa6515b585a2bb3c3fa781046274e33bc94518cc2fd27fb60ecbe2479f330b3530a011865ff0a15282d27e5b3f1e2e34131efe28ed819b1c73ce27dfb1c5e5419aa68fcc3c3994bdc37c53e1ac03f645fb00bc24ff3506a9d11c7e63e938ac88947f810217be6f5bb1c3d691a07374e4580a34c56b04f0823e6569f0a8c51b3c8c8a0fbb9663859e0ec210e61e22860ae4c56611b2bfe375438838cd11c593d0e2cf6208f3d0f2166d23f6350253bc0171a72dcda3d31d33d64607537dbb19c76b8f684d3c619eba19ed8be70b6510a9a578832568bf844f1ea911896af6055eb3a6bfb126c7aa9f951475f336c7d6fa7ef48cd39e8d9946641291ec6799c304d095875c560056c6c482194d0d095859ae46297b9d757a6120482a2ba7c073cc842cb6a0f39294bd7acc7f19e4e12702278624c0d3000580466be313a59d1f4b47f2a699f6da2213997a42483b18f717eff959b330d73c61bf60b3d6b350528b464302b70207c9cabe51ae10898a36c4e939cf412b6f99a09ca86aac8c0043c117a6c4e5f8b606fcab0caeaefae70f359338e58ad16eb5cd3d20c4f758f852c18eec1302cebb63c0c8f448bccb36c2a62e2be3534aba816b7e26672e76e35af3790f84cb57eaaa05bfb49949f8c7bccbb6d228ec49e19dac51cb67ee8908f5772973e5ab000f0ca600bc87f631d21534f69aca1bd656efbf4f26c659b23435c1357091a5ea4166d21ee3f077b889281b9c996678d257e2849aa2c21d32c2e28406dd64a7521d809db154b6f36a68399bedcb3ac90906f316b8b67ebbc3cd3b5b5e991a25139ee8bff94935340c7ddb2d33783bfdb9b79dc13b62e600c801b0f990830391b7526352bf4c799e309371dc1090765649d2a934f0ca9e07a78f8cd59e42f9c80246c29fe17d33b96b2b7d364b291e8645f0aa6e7263c1eab1e7a3231f5562fa9b77632c2c489609bee158c1a682010b30820107a003020111a103020102a281fa0481f738bfbdef7613dede4f09662460db2ebcad50fa61f8cba9ccbdc15a5048f2de99f6c9ec4a68dff595ed928b9328d104bca86823f85959d821c62f488acf50431840890d521be2d8332571a43e0d238735a8d188a23b5e81776b151770b516c0e3478daabd7533b8d91f80744635b31e6e85dfe01200c716503983e57672e496244a9e156e6adcbd1bba35997e8df93abd1e6a5ff979744db98e180cc5653a5981a38285fcf1323a247887fcf1df760d15a4bf2f2c5f1cc88c8d3ead1f1bd8fa9641f3212c13924d9874756c822c0bebe4d45bc2a47ae41d319a267ed26ad9d7f9671c38a28105e18bbe5c7dd2a00c0af08a481335db9da3;
private byte asRepBytes[] = null;
private byte asErrBytes[] = null;
public void init () {
asRepBytes = stringToHex (asRepStr, 0);
asErrBytes = stringToHex (asErrorStr, 0);
}
public void parseMessages () {
try {
Re: ava.io.EOFException: ERR_00021 EOF encountered in middle of object; org.apache.directory.shared.asn1.der.ASN1InputStream.readFully
Your stringToHex method is borked. It returns 0xFF when it tries to
transform '6B' to a byte.
Le 2/29/12 6:16 PM, Wang, Xunhua - wangxx a écrit :
import java.nio.ByteBuffer;
import org.apache.directory.server.kerberos.shared.io.decoder.*;
import org.apache.directory.server.kerberos.shared.messages.*;
public class SimpleDecoder {
private String asErrorStr =
7e82010e3082010aa003020105a10302011ea411180f3230313230323137303933355aa505020303b5daa603020119a9131b1143525950544f2e43532e4a4d552e454455aa263024a003020102a11d301b1b066b72627467741b1143525950544f2e43532e4a4d552e454455ac81a104819e30819b3078a103020113a271046f306d3020a003020111a1191b1743525950544f2e43532e4a4d552e45445577616e6778783005a0030201173020a003020103a1191b1743525950544f2e43532e4a4d552e45445577616e6778783020a003020101a1191b1743525950544f2e43532e4a4d552e45445577616e6778783009a103020102a20204003009a103020110a20204003009a10302010fa2020400;
private String asRepStr =
6b82055f3082055ba003020105a10302010ba231302f302da103020113a226042430223020a003020111a1191b1743525950544f2e43532e4a4d552e45445577616e677878a3131b1143525950544f2e43532e4a4d552e454455a4133011a003020101a10a30081b0677616e677878a58203e1618203dd308203d9a003020105a1131b1143525950544f2e43532e4a4d552e454455a2263024a003020102a11d301b1b066b72627467741b1143525950544f2e43532e4a4d552e454455a38203933082038fa003020117a103020102a28203810482037d644c4202420dc2f8777101f929a1bbe5882d1b53514612b9562722caf3bbde64a3d92a9b46204dfc453e03eed6a2950955c40a7ce04b1bc0b725614ea7a34885903d544de4339e1218e3afc0438598eab59d2fbb59bdec951df6055ecc449dfc041534d125a71851fb9de91eec35af9d8c588a32929e1ea31fdd8d40987af5cdaa70f6ad06cac744cf7989be7c668a4d0af97cf3865e5070c6ff44d3f1abf3fbae432e3336d8b4d06daa0181c98485f4d331d29fafd01a0625673ba3dd9fe65f4317f3c4fa3c45a26ccc3caa6515b585a2bb3c3fa781046274e33bc94518cc2fd27fb60ecbe2479f330b3530a011865ff0a15282d27e5b3f1e2e34131efe28ed819b1c73ce27dfb1c5e5419aa68fcc3c3994bdc37c53e1ac03f645fb00bc24ff3506a9d11c7e63e938ac88947f810217be6f5bb1c3d691a07374e4580a34c56b04f0823e6569f0a8c51b3c8c8a0fbb9663859e0ec210e61e22860ae4c56611b2bfe375438838cd11c593d0e2cf6208f3d0f2166d23f6350253bc0171a72dcda3d31d33d64607537dbb19c76b8f684d3c619eba19ed8be70b6510a9a578832568bf844f1ea911896af6055eb3a6bfb126c7aa9f951475f336c7d6fa7ef48cd39e8d9946641291ec6799c304d095875c560056c6c482194d0d095859ae46297b9d757a6120482a2ba7c073cc842cb6a0f39294bd7acc7f19e4e12702278624c0d3000580466be313a59d1f4b47f2a699f6da2213997a42483b18f717eff959b330d73c61bf60b3d6b350528b464302b70207c9cabe51ae10898a36c4e939cf412b6f99a09ca86aac8c0043c117a6c4e5f8b606fcab0caeaefae70f359338e58ad16eb5cd3d20c4f758f852c18eec1302cebb63c0c8f448bccb36c2a62e2be3534aba816b7e26672e76e35af3790f84cb57eaaa05bfb49949f8c7bccbb6d228ec49e19dac51cb67ee8908f5772973e5ab000f0ca600bc87f631d21534f69aca1bd656efbf4f26c659b23435c1357091a5ea4166d21ee3f077b889281b9c996678d257e2849aa2c21d32c2e28406dd64a7521d809db154b6f36a68399bedcb3ac90906f316b8b67ebbc3cd3b5b5e991a25139ee8bff94935340c7ddb2d33783bfdb9b79dc13b62e600c801b0f990830391b7526352bf4c799e309371dc1090765649d2a934f0ca9e07a78f8cd59e42f9c80246c29fe17d33b96b2b7d364b291e8645f0aa6e7263c1eab1e7a3231f5562fa9b77632c2c489609bee158c1a682010b30820107a003020111a103020102a281fa0481f738bfbdef7613dede4f09662460db2ebcad50fa61f8cba9ccbdc15a5048f2de99f6c9ec4a68dff595ed928b9328d104bca86823f85959d821c62f488acf50431840890d521be2d8332571a43e0d238735a8d188a23b5e81776b151770b516c0e3478daabd7533b8d91f80744635b31e6e85dfe01200c716503983e57672e496244a9e156e6adcbd1bba35997e8df93abd1e6a5ff979744db98e180cc5653a5981a38285fcf1323a247887fcf1df760d15a4bf2f2c5f1cc88c8d3ead1f1bd8fa9641f3212c13924d9874756c822c0bebe4d45bc2a47ae41d319a267ed26ad9d7f9671c38a28105e18bbe5c7dd2a00c0af08a481335db9da3;
private byte asRepBytes[] = null;
private byte asErrBytes[] = null;
public void init () {
asRepBytes = stringToHex (asRepStr, 0);
asErrBytes = stringToHex (asErrorStr, 0);
}
public void parseMessages () {
try {
System.out.println (# of bytes = +
asRepBytes.length);
ByteBuffer buf = ByteBuffer.wrap (asRepBytes);
org.apache.directory.server.kerberos.shared.io.decoder.KdcReplyDecoder
kryDecoder = new
org.apache.directory.server.kerberos.shared.io.decoder.KdcReplyDecoder ();
KdcReply kry = kryDecoder.decode (buf);
ErrorMessageDecoder emd = new ErrorMessageDecoder ();
ByteBuffer buf2 = ByteBuffer.wrap (asErrBytes);
ErrorMessage em = emd.decode (buf2);
System.out.println (em.toString ());
} catch (Exception ex) {
ex.printStackTrace ();
}
}
public static void main (String[] args) {
SimpleDecoder sd = new SimpleDecoder ();
sd.init ();
Re: ava.io.EOFException: ERR_00021 EOF encountered in middle of object; org.apache.directory.shared.asn1.der.ASN1InputStream.readFully
FYI, the decoded AS-REP message and KRB-ERROR messages, once decoded, are :
AS-REP
pvno : 5
msg-type : padata : PreAuthenticationData : {
padata-type: null(0)
padata-value:0x30 0x22 0x30 0x20 0xA0 0x03 0x02 0x01 0x11 0xA1 0x19
0x1B 0x17 0x43 0x52 0x59 0x50 0x54 0x4F 0x2E 0x43 0x53 0x2E 0x4A 0x4D
0x55 0x2E 0x45 0x44 0x55 0x77 0x61 0x6E 0x67 0x78 0x78
}
crealm : CRYPTO.CS.JMU.EDU
cname : PrincipalName : {
name-type: KRB_NT_PRINCIPAL
name-string : 'wangxx'
}
ticket : Ticket :
tkt-vno : 5
realm : CRYPTO.CS.JMU.EDU
sname : PrincipalName : {
name-type: KRB_NT_SRV_INST
name-string : 'krbtgt', 'CRYPTO.CS.JMU.EDU'
}
enc-part : EncryptedData : {
etype: rc4-hmac (23)
kvno: 2
cipher: 0x64 0x4C 0x42 0x02 0x42 0x0D 0xC2 0xF8 0x77 0x71 0x01 0xF9
0x29 0xA1 0xBB 0xE5 0x88 0x2D 0x1B 0x53 0x51 0x46 0x12 0xB9 0x56 0x27
0x22 0xCA 0xF3 0xBB 0xDE 0x64 0xA3 0xD9 0x2A 0x9B 0x46 0x20 0x4D 0xFC
0x45 0x3E 0x03 0xEE 0xD6 0xA2 0x95 0x09 0x55 0xC4 0x0A 0x7C 0xE0 0x4B
0x1B 0xC0 0xB7 0x25 0x61 0x4E 0xA7 0xA3 0x48 0x85 0x90 0x3D 0x54 0x4D
0xE4 0x33 0x9E 0x12 0x18 0xE3 0xAF 0xC0 0x43 0x85 0x98 0xEA 0xB5 0x9D
0x2F 0xBB 0x59 0xBD 0xEC 0x95 0x1D 0xF6 0x05 0x5E 0xCC 0x44 0x9D 0xFC
0x04 0x15 0x34 0xD1 0x25 0xA7 0x18 0x51 0xFB 0x9D 0xE9 0x1E 0xEC 0x35
0xAF 0x9D 0x8C 0x58 0x8A 0x32 0x92 0x9E 0x1E 0xA3 0x1F 0xDD 0x8D 0x40
0x98 0x7A 0xF5 0xCD 0xAA 0x70 0xF6 0xAD 0x06 0xCA 0xC7 0x44 0xCF 0x79
0x89 0xBE 0x7C 0x66 0x8A 0x4D 0x0A 0xF9 0x7C 0xF3 0x86 0x5E 0x50 0x70
0xC6 0xFF 0x44 0xD3 0xF1 0xAB 0xF3 0xFB 0xAE 0x43 0x2E 0x33 0x36 0xD8
0xB4 0xD0 0x6D 0xAA 0x01 0x81 0xC9 0x84 0x85 0xF4 0xD3 0x31 0xD2 0x9F
0xAF 0xD0 0x1A 0x06 0x25 0x67 0x3B 0xA3 0xDD 0x9F 0xE6 0x5F 0x43 0x17
0xF3 0xC4 0xFA 0x3C 0x45 0xA2 0x6C 0xCC 0x3C 0xAA 0x65 0x15 0xB5 0x85
0xA2 0xBB 0x3C 0x3F 0xA7 0x81 0x04 0x62 0x74 0xE3 0x3B 0xC9 0x45 0x18
0xCC 0x2F 0xD2 0x7F 0xB6 0x0E 0xCB 0xE2 0x47 0x9F 0x33 0x0B 0x35 0x30
0xA0 0x11 0x86 0x5F 0xF0 0xA1 0x52 0x82 0xD2 0x7E 0x5B 0x3F 0x1E 0x2E
0x34 0x13 0x1E 0xFE 0x28 0xED 0x81 0x9B 0x1C 0x73 0xCE 0x27 0xDF 0xB1
0xC5 0xE5 0x41 0x9A 0xA6 0x8F 0xCC 0x3C 0x39 0x94 0xBD 0xC3 0x7C 0x53
0xE1 0xAC 0x03 0xF6 0x45 0xFB 0x00 0xBC 0x24 0xFF 0x35 0x06 0xA9 0xD1
0x1C 0x7E 0x63 0xDD 0xDD 0xE9 0x38 0xAC 0x88 0x94 0x7F 0x81 0x02 0x17
0xBE 0x6F 0x5B 0xB1 0xC3 0xD6 0x91 0xA0 0x73 0x74 0xE4 0x58 0x0A 0x34
0xC5 0x6B 0x04 0xF0 0x82 0x3E 0x65 0x69 0xF0 0xA8 0xC5 0x1B 0x3C 0x8C
0x8A 0x0F 0xBB 0x96 0x63 0x85 0x9E 0x0E 0xC2 0x10 0xE6 0x1E 0x22 0x86
0x0A 0xE4 0xC5 0x66 0x11 0xB2 0xBF 0xE3 0x75 0x43 0x88 0x38 0xCD 0x11
0xC5 0x93 0xD0 0xE2 0xCF 0x62 0x08 0xF3 0xD0 0xF2 0x16 0x6D 0x23 0xF6
0x35 0x02 0x53 0xBC 0x01 0x71 0xA7 0x2D 0xCD 0xA3 0xD3 0x1D 0x33 0xD6
0x46 0x07 0x53 0x7D 0xBB 0x19 0xC7 0x6B 0x8F 0x68 0x4D 0x3C 0x61 0x9E
0xBA 0x19 0xED 0x8B 0xE7 0x0B 0x65 0x10 0xA9 0xA5 0x78 0x83 0x25 0x68
0xBF 0x84 0x4F 0x1E 0xA9 0x11 0x89 0x6A 0xF6 0x05 0x5E 0xB3 0xA6 0xBF
0xB1 0x26 0xC7 0xAA 0x9F 0x95 0x14 0x75 0xF3 0x36 0xC7 0xD6 0xFA 0x7E
0xF4 0x8C 0xD3 0x9E 0x8D 0x99 0x46 0x64 0x12 0x91 0xEC 0x67 0x99 0xC3
0x04 0xD0 0x95 0x87 0x5C 0x56 0x00 0x56 0xC6 0xC4 0x82 0x19 0x4D 0x0D
0x09 0x58 0x59 0xAE 0x46 0x29 0x7B 0x9D 0x75 0x7A 0x61 0x20 0x48 0x2A
0x2B 0xA7 0xC0 0x73 0xCC 0x84 0x2C 0xB6 0xA0 0xF3 0x92 0x94 0xBD 0x7A
0xCC 0x7F 0x19 0xE4 0xE1 0x27 0x02 0x27 0x86 0x24 0xC0 0xD3 0x00 0x05
0x80 0x46 0x6B 0xE3 0x13 0xA5 0x9D 0x1F 0x4B 0x47 0xF2 0xA6 0x99 0xF6
0xDA 0x22 0x13 0x99 0x7A 0x42 0x48 0x3B 0x18 0xF7 0x17 0xEF 0xF9 0x59
0xB3 0x30 0xD7 0x3C 0x61 0xBF 0x60 0xB3 0xD6 0xB3 0x50 0x52 0x8B 0x46
0x43 0x02 0xB7 0x02 0x07 0xC9 0xCA 0xBE 0x51 0xAE 0x10 0x89 0x8A 0x36
0xC4 0xE9 0x39 0xCF 0x41 0x2B 0x6F 0x99 0xA0 0x9C 0xA8 0x6A 0xAC 0x8C
0x00 0x43 0xC1 0x17 0xA6 0xC4 0xE5 0xF8 0xB6 0x06 0xFC 0xAB 0x0C 0xAE
0xAE 0xFA 0xE7 0x0F 0x35 0x93 0x38 0xE5 0x8A 0xD1 0x6E 0xB5 0xCD 0x3D
0x20 0xC4 0xF7 0x58 0xF8 0x52 0xC1 0x8E 0xEC 0x13 0x02 0xCE 0xBB 0x63
0xC0 0xC8 0xF4 0x48 0xBC 0xCB 0x36 0xC2 0xA6 0x2E 0x2B 0xE3 0x53 0x4A
0xBA 0x81 0x6B 0x7E 0x26 0x67 0x2E 0x76 0xE3 0x5A 0xF3 0x79 0x0F 0x84
0xCB 0x57 0xEA 0xAA 0x05 0xBF 0xB4 0x99 0x49 0xF8 0xC7 0xBC 0xCB 0xB6
0xD2 0x28 0xEC 0x49 0xE1 0x9D 0xAC 0x51 0xCB 0x67 0xEE 0x89 0x08 0xF5
0x77 0x29 0x73 0xE5 0xAB 0x00 0x0F 0x0C 0xA6 0x00 0xBC 0x87 0xF6 0x31
0xD2 0x15 0x34 0xF6 0x9A 0xCA 0x1B 0xD6 0x56 0xEF 0xBF 0x4F 0x26 0xC6
0x59 0xB2 0x34 0x35 0xC1 0x35 0x70 0x91 0xA5 0xEA 0x41 0x66 0xD2 0x1E
0xE3 0xF0 0x77 0xB8 0x89 0x28 0x1B 0x9C 0x99 0x66 0x78 0xD2 0x57 0xE2
0x84 0x9A 0xA2 0xC2 0x1D 0x32 0xC2 0xE2 0x84 0x06 0xDD 0x64 0xA7 0x52
0x1D 0x80 0x9D 0xB1 0x54 0xB6 0xF3 0x6A 0x68 0x39 0x9B 0xED 0xCB 0x3A
0xC9 0x09 0x06 0xF3 0x16 0xB8 0xB6 0x7E 0xBB 0xC3 0xCD 0x3B 0x5B 0x5E
0x99 0x1A 0x25 0x13 0x9E 0xE8 0xBF 0xF9 0x49 0x35 0x34 0x0C 0x7D 0xDB
0x2D 0x33 0x78 0x3B 0xFD 0xB9 0xB7 0x9D 0xC1 0x3B 0x62 0xE6 0x00 0xC8
0x01 0xB0 0xF9 0x90 0x83 0x03 0x91 0xB7 0x52 0x63 0x52 0xBF 0x4C 0x79
0x9E 0x30 0x93 0x71 0xDC 0x10 0x90 0x76 0x56 0x49 0xD2 0xA9 0x34 0xF0
0xCA 0x9E 0x07
Quesiton about best way to index attributes
Hi, We have apacheds 2.0-M5 db setup with all ~90k users under one OU. Yes, I know they should be stored with some hierarchy but that's not an option for this particular customer. I want to optimize searching by lastname, (sn), firstname (givenName) and displayName. I have created indexes under the partition and we see ads-indexcachesize is set by default to 100. Assuming the value correlates to a value for the attribute, Can I set this to 50,000 for each of the attribs?. I can dedicate ~1GB of heap space for the ApacheDS JVM. Also, is there a way to rebuild the indexes in 2.0? I can't seem to find how that's done. For example In the UI someone might enter Smit looking for Smith. This gets converted into the following query with the OU as the baseDN. ( (objectclass=inetOrgPerson) (| (displayname=Smit*) (sn=Smit*) (givenName=Smit*) ) ) Lastly, would we be better off performing three separate queries (for displayname,sn,givenName) or will the logical OR search above break the moment it finds a match? Thanks.
Re: Quesiton about best way to index attributes
On Wed, Feb 29, 2012 at 11:44 PM, carlo.acco...@ibs-ag.com wrote: Hi, We have apacheds 2.0-M5 db setup with all ~90k users under one OU. Yes, I know they should be stored with some hierarchy but that's not an option for this particular customer. I want to optimize searching by lastname, (sn), firstname (givenName) and displayName. I have created indexes under the partition and we see ads-indexcachesize is set by default to 100. Assuming the value correlates to a value for the attribute, Can I set this to 50,000 for each of the attribs?. that won't help much, setting up more memory for the JVM will help I can dedicate ~1GB of heap space for the ApacheDS JVM. cool, then set the -Xms and -Xmx flags in the java options Also, is there a way to rebuild the indexes in 2.0? I can't seem to find how that's done. no, one way is to delete the index and restart the server followed by adding the index and restart, then the server will automatically build the index during startup For example In the UI someone might enter Smit looking for Smith. This gets converted into the following query with the OU as the baseDN. ( (objectclass=inetOrgPerson) (| (displayname=Smit*) (sn=Smit*) (givenName=Smit*) ) ) Lastly, would we be better off performing three separate queries (for displayname,sn,givenName) or will the logical OR search above break the moment it finds a match? Thanks. the logical OR breaks as soon as it finds a match -- Kiran Ayyagari
Re: Quesiton about best way to index attributes
Le 2/29/12 7:50 PM, Kiran Ayyagari a écrit : On Wed, Feb 29, 2012 at 11:44 PM,carlo.acco...@ibs-ag.com wrote: Hi, We have apacheds 2.0-M5 db setup with all ~90k users under one OU. Yes, I know they should be stored with some hierarchy but that's not an option for this particular customer. Having 90K users in one single OU is *not* a bad practice. You may want to setup a hierarchy, but this is not mandatory. I want to optimize searching by lastname, (sn), firstname (givenName) and displayName. I have created indexes under the partition and we see ads-indexcachesize is set by default to 100. Assuming the value correlates to a value for the attribute, Can I set this to 50,000 for each of the attribs?. that won't help much, setting up more memory for the JVM will help You still can increase the number to a higher value, but you must know that as soon as the higher BTree pages will be loaded, the speedup will be lower. With 100 pages loaded, you have most of the BTree loaded. If you have enough memory, just increase this value to 50 000, should not harm. In any case, I would suggest that once you have increased those values for each index that you do a full search to load all of them in memory, to check that you don't get an OOM, before running in production. Also, is there a way to rebuild the indexes in 2.0? I can't seem to find how that's done. no, one way is to delete the index and restart the server followed by adding the index and restart, then the server will automatically build the index during startup Kiran : haven't we added some utility tool to do that ? (It's a bit far in the past.. If we don't have them, we must add them) I'm wondering if we don't have a JIRA for that... -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
