Announcement Announcement Module
Collapse
No announcement yet.
Referrals Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Referrals

    I have looked around the forum and found some answers on this question, but so far the solutions have not helped.

    I am referencing an LDAP server, which apparently uses Referrals. When I try to search for a node on that server, I receive the following Exception:

    org.springframework.ldap.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-031006BB, data 0, 1 access points
    ref 1: 'extranet.mycompany.com'
    ]; nested exception is javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-031006BB, data 0, 1 access points
    ref 1: 'extranet.mycompany.com'
    remaining name 'cn=specops-spp-pwdReset,CN=spect7,OU=SpecOps Test,OU=Trading Partners,DC=extranet,DC=mycompany,DC=com'
    I then did some research, and found that I need to set referral = "follow":

    <bean id="contextSource" class="org.springframework.ldap.core.support.LdapC ontextSource">
    <property name="url" value="ldap://prodldap.mycompanyco.com" />
    <property name="userDn" value="CN=SVC_PORTAL_WPSBIND,OU=Portal,OU=Applicat ions,OU=Servers,DC=extranet,DC=mycompany,DC=com" />
    <property name="password" value="pwd" />
    <property name="pooled" value="true"/>
    <property name="referral" value="follow"/>
    </bean>
    My ldapTemplate:

    <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate" >
    <constructor-arg ref="contextSource" />
    <property name="ignorePartialResultException" value="true"/>
    </bean>
    Code where I make the call:

    try {

    ldapTemplate.lookup(leafNode + "," + fullyQualifiedUserName);

    return true;
    }catch (Exception e) {
    if(e instanceof NameNotFoundException){
    if(logger.isDebugEnabled()){
    logger.debug("Expected NameNotFoundException b/c userName's leafNode was not found. User: " + fullyQualifiedUserName);
    }
    return false;
    }

    logger.warn(e);
    return false;
    }
    I have debugged the code, and I know for a fact that referrals=follow and ignorePartialResultException=true

    Any ideas on why I am still receiving the Exception mentioned above?

    Thanks,
    Sean

  • #2
    Well, ignorePartialResultException doesn't have any effect on lookups, so that would explain why you get the exception. Now, in this case it is really not interesting for you - after all if you are doing a lookup you're interested in getting the entry, right?

    I have very little experience with referrals, but as I understand it if you sett referrals to "follow", the Java LDAP Provider will try to follow the referral, instead returning the referred node. Now, In order to do that it needs to be able to find the referred LDAP server. If, for one reason or the other, this is not possible you will get an error indicating that the referral has not been followed. The reasons may vary, e.g. the server might not be possible to reach from your location, or the referred DNS name might not be possible to resolve.

    Hope this helps in tracking this down.

    Comment


    • #3
      Well, ignorePartialResultException doesn't have any effect on lookups, so that would explain why you get the exception.
      I am not exactly sure what this means. I am new to interfacing with LDAP servers, so please elaborate on the above quote.

      Thanks,
      Sean

      Comment


      • #4
        Ok, I fixed this by bypassing the "Referral" server altogether, and simply accessing the referred to ldap server directly.

        Doesn't exactly solve the aforementioned issue, but at least I can now make progress.

        Thanks for the help.

        - Sean

        Comment


        • #5
          Originally posted by seanlon11 View Post
          I am not exactly sure what this means. I am new to interfacing with LDAP servers, so please elaborate on the above quote.

          Thanks,
          Sean
          The javadoc says:
          javax.naming.PartialResultException
          This exception is thrown to indicate that the result being returned or returned so far is partial, and that the operation cannot be completed. For example, when listing a context, this exception indicates that returned results only represents some of the bindings in the context.
          ...

          In other words, when you're listing or searching but there is a problem with one or more of the results, this exception may be thrown. When you're doing a lookup, you're not listing or searching, you're getting one specific entry. You will either get it or not, it will never be partial.

          Comment

          Working...
          X