Greg B wrote:
hi Brandon, what OpenLDAP API calls have you used? if you just did invoked LDAP search, then that doesn't really help because I'm already doing that and by that point in time its already too late.
On 10/17/06, Brandon McCombs bmccombs@ma.rr.com wrote:
Greg B wrote:
hi,
Does OpenLDAP provide any routines for validating whether a given string represents a valid LDAP search filter? This is for me to detect invalid configuration settings in my LDAP client, and report the problem to the end-user as early as possible. For example, I want to catch settings like LDAPFilter="(cn=foo)", since they don't conform to the RFC 2254. Also, a side question, is the use of brackets around the main filter definition compulsory? All of the LDAP tools I have at my disposal seem to allow just cn=foo type filters...
thanks in advance,
regards, Greg
Well, as a test I did objectclass>f (without quotes) and I got back an error stating "missing equals" so yes you can leave off the parenthesis and yes you will get validation related errors back (at least in some cases from what I've experienced).
hope that helps Brandon
Actually I'm using Java JNDI API which is compatible with OpenLDAP (as long as I don't attempt to do anything with the schema at which point I run into some usability issues). Actually, OpenLDAP is compatible with JNDI, not the other way around. If you have a C API I would presume it would do the same thing because it's the directory server that is responsible for working with a given API so unless OpenLDAP isn't consistent across APIs you should have the same experience with the C API if that is what you are using.
As a side note, I'm using Novell's LDAP API for accessing OpenLDAP's schema.
Brandon