[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Freeipa-devel] LDAP over XML



I've been going back and forth over how much LDAP information to reveal over RPC. At this point it is simply easier to reveal it all (as granted by LDAP ACLs of course). We can remove stuff in the future (like objectclass) but for now I'm going to transmit everything I think.

The problem is that on the server side the data is in a raw format. This doesn't work so well with binary fields and you can easily end up with bad data or invalid XML.

For the time being I've overridden the string sending of the XML Marshaller to base64 encode everything. Is this price worth paying, to encode and decode all values?

We may be able to encode based on attribute but then some user will come along and customize things and their new binary field won't be encoded and things will break.

So is this an acceptable trade-off?

rob

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]