On 04/02/2013 19:34, Philip Guenther wrote:
On Mon, 4 Feb 2013, Quanah Gibson-Mount wrote:
> --On Monday, February 04, 2013 11:55 AM +0000 Chris Palmer
> <chris.palmer(a)pobox.com> wrote:
>> But: updates to B, *with* spaces in the DN, are referred to A where they
>> fail with error 32. The client (using Novell jldap 2009.10.07) does not
>> report an error, and of course the change is not replicated.
>> The MOD to B appears in ldap.log as dn="cn=first second,ou=.......".
>> Note the space between the two words of the CN. (This is also how MODs
>> sent directly to A appear, which do get correctly processed).
>> A network trace shows B generating a referral to A of the form:
>> The MOD referral to A appears in A's ldap.log as
>> dn="cn=first%20second,ou=....." with err=32.
>> I'm at a loss to know where to go from here, or even which component is
>> at fault. Can anyone help?
> Well, %20 is just the space encoded, which I would think would be OK.
> Do you hit the same issue if you use UnboundID's SDK rather than JLDAP?
I've just had a quick look at the UnboundID SDK, and it does look much
better than JLDAP. The API is of course rather different, so I will have
to do a test case and then port the program. It's about 7 years old, and
at the time JLDAP seemed a reasonable choice...
It sounds to me like OpenLDAP is returning the correct URL in the
referral, but when Novell's jldap processes the referral it is failing to
decode the percent-encoding when generating the new request to the
referred-to server, as percent-encoding is not used (of course) in DN
field of the actual LDAP request.
That sounds right to me. A good reason to move away from JLDAP.
Many thanks for the help.