[Ietf-not43] FIRS demonstration
Eric A. Hall
ehall at ehsco.com
Sat Jul 26 11:33:19 EDT 2003
on 7/26/2003 3:11 AM Leif Johansson wrote:
> You should add version=>3 to your Net::LDAP->new - as it is you are
doh!
fixed
> Now I haven't read the FIRS draft (yet) so I am only guessing that FIRS
> is supposed to return a control on bind. However (apart from the fact
> that this requires LDAPv3) the usual way to look for a supported
> control is to lookup the root-DSE entry and look for the oid in the
> supportedControl attribute. I am not sure if this is a critique of the
> code or of the draft though :-)
Yes, the server is supposed to return the firsVersion control on bind.
This is more-or-less modelled on the password-about-to-expire control,
which is an unsolicited server control that tells the client to change the
password immediately.
The control and the usage behavior are described in section 5.3.1 of
draft-ietf-crisp-firs-core-02 with supporting text in some of the
resource-specific documents. Essentially, the control lists the object
classes for the resource-types that the server fully supports. This
provides an easier way to do schema versioning, but it also enables some
distributed processing, in that the client can choose to implement the
necessary logic locally (emulate the matching filter, as in firs.pl) or
skip to the next server in the connection list.
I specifically want to avoid the extra round-trip time needed for an
explicit control query.
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
More information about the Ietf-not43
mailing list