Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / November 2007

Tip: Looking for answers? Try searching our database.

LDAP ExtendedRequest Problem

Thread view: 
Enable EMail AlertsStart New Thread
Christian Haselbach - 08 Nov 2007 23:32 GMT
Hello,

I want to call an extended operation of the LDAP Server, the modify
password operation (RFC 3062).

This extended operation expects an (optional) sequence of three strings.
Unfortunately, it seems that the interface of ExtendedRequest is
expected to always return just the byte array of one string. The
LdapClient seems to take it as guaranteed that the byte array is the
representation of a string and marks it as an octet string.

This would mean that ExtendedRequest cannot be used to make calls of
extended operations that have non-string values.

Is this right, or am I getting something wrong here. I certainly hope
that I am wrong, because this would render LdapClient practically
useless for me.

Thanks for any hints.

Some more details: I am testing this on Java 5 on FreeBSD (diablo jdk).
One way I tried to create the byte array is as follows:

ASN1EncodableVector vector = new ASN1EncodableVector();
vector.add(new BERConstructedOctetString(userIdentity.getBytes("utf-8")));
vector.add(new BERConstructedOctetString(oldPassword.getBytes("utf-8")));
vector.add(new BERConstructedOctetString(newPassword.getBytes("utf-8")));
BERSequence sequence = new BERSequence(vector);
encodedValue = sequence.getEncoded(ASN1Encodable.BER);

This at least did not lead to a CommunicationException, but the
LDAP-Server (OpenLDAP 2.3.39) answered, that the old password was not
supplied.

Regards,
Christian
Reply to this Message
Christian Haselbach - 09 Nov 2007 21:04 GMT
> Is this right, or am I getting something wrong here. I certainly hope
> that I am wrong, because this would render LdapClient practically
> useless for me.

I'am glad to have found out I was indeed wrong. I found the correct way
to do the encoding. For the record, here it is:
ByteArrayOutputStream encodeStream = new ByteArrayOutputStream();
LBEREncoder encoder = new LBEREncoder();
ASN1Tagged[] seq = new ASN1Tagged[] {
  new ASN1Tagged(new ASN1Identifier(ASN1Identifier.CONTEXT,false,0),
new ASN1Null(), false),
  new ASN1Tagged(new ASN1Identifier(ASN1Identifier.CONTEXT,false,1),
new ASN1OctetString(oldPassword), false),
  new ASN1Tagged(new ASN1Identifier(ASN1Identifier.CONTEXT,false,2),
new ASN1OctetString(newPassword), false)};

ASN1Sequence opSeq = new ASN1Sequence(seq,3);
ASN1SequenceOf opSeqOf = new ASN1SequenceOf(opSeq);
opSeqOf.encode(encoder, encodeStream);
encodedValue = encodeStream.toByteArray();

The classes used here for encoding are from the jldap library.

Regards,
Christian
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.