[Freeipa-devel] LDAP over XML
Rob Crittenden
rcritten at redhat.com
Wed Jul 18 15:48:44 UTC 2007
I've been going back and forth over how much LDAP information to reveal
over RPC. At this point it is simply easier to reveal it all (as granted
by LDAP ACLs of course). We can remove stuff in the future (like
objectclass) but for now I'm going to transmit everything I think.
The problem is that on the server side the data is in a raw format. This
doesn't work so well with binary fields and you can easily end up with
bad data or invalid XML.
For the time being I've overridden the string sending of the XML
Marshaller to base64 encode everything. Is this price worth paying, to
encode and decode all values?
We may be able to encode based on attribute but then some user will come
along and customize things and their new binary field won't be encoded
and things will break.
So is this an acceptable trade-off?
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070718/2f855fce/attachment.bin>
More information about the Freeipa-devel
mailing list