Referrals

**seanlon11** · Sep 3rd, 2009, 03:47 PM

I have looked around the forum and found some answers on this question, but so far the solutions have not helped.

I am referencing an LDAP server, which apparently uses Referrals. When I try to search for a node on that server, I receive the following Exception:

org.springframework.ldap.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-031006BB, data 0, 1 access points
ref 1: 'extranet.mycompany.com'
]; nested exception is javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-031006BB, data 0, 1 access points
ref 1: 'extranet.mycompany.com'
remaining name 'cn=specops-spp-pwdReset,CN=spect7,OU=SpecOps Test,OU=Trading Partners,DC=extranet,DC=mycompany,DC=com'

I then did some research, and found that I need to set referral = "follow":

My ldapTemplate:

Code where I make the call:

try {

ldapTemplate.lookup(leafNode + "," + fullyQualifiedUserName);

return true;
}catch (Exception e) {
if(e instanceof NameNotFoundException){
if(logger.isDebugEnabled()){
logger.debug("Expected NameNotFoundException b/c userName's leafNode was not found. User: " + fullyQualifiedUserName);
}
return false;
}

logger.warn(e);
return false;
}

I have debugged the code, and I know for a fact that referrals=follow and ignorePartialResultException=true

Any ideas on why I am still receiving the Exception mentioned above?

Thanks,
Sean

**rasky** · Sep 4th, 2009, 06:18 AM

Well, ignorePartialResultException doesn't have any effect on lookups, so that would explain why you get the exception. Now, in this case it is really not interesting for you - after all if you are doing a lookup you're interested in getting the entry, right?

I have very little experience with referrals, but as I understand it if you sett referrals to "follow", the Java LDAP Provider will try to follow the referral, instead returning the referred node. Now, In order to do that it needs to be able to find the referred LDAP server. If, for one reason or the other, this is not possible you will get an error indicating that the referral has not been followed. The reasons may vary, e.g. the server might not be possible to reach from your location, or the referred DNS name might not be possible to resolve.

Hope this helps in tracking this down.

**seanlon11** · Sep 4th, 2009, 08:50 AM

Well, ignorePartialResultException doesn't have any effect on lookups, so that would explain why you get the exception.

I am not exactly sure what this means. I am new to interfacing with LDAP servers, so please elaborate on the above quote.

Thanks,
Sean

**seanlon11** · Sep 4th, 2009, 09:35 AM

Ok, I fixed this by bypassing the "Referral" server altogether, and simply accessing the referred to ldap server directly.

Doesn't exactly solve the aforementioned issue, but at least I can now make progress.

Thanks for the help.

- Sean

**ulsa** · Sep 5th, 2009, 05:58 AM

Originally Posted by seanlon11

I am not exactly sure what this means. I am new to interfacing with LDAP servers, so please elaborate on the above quote.

Thanks,
Sean

The javadoc says:
javax.naming.PartialResultException
This exception is thrown to indicate that the result being returned or returned so far is partial, and that the operation cannot be completed. For example, when listing a context, this exception indicates that returned results only represents some of the bindings in the context.
...

In other words, when you're listing or searching but there is a problem with one or more of the results, this exception may be thrown. When you're doing a lookup, you're not listing or searching, you're getting one specific entry. You will either get it or not, it will never be partial.

Thread: Referrals

Thread Tools

Display

Referrals

Tags for this Thread

Posting Permissions