[python-ldap] ReconnectLDAPObject not working properly?

Dusan Stefanik stefanik at dscon.sk
Tue Jul 12 12:36:49 CEST 2011 

Thanks for explain.
You have right. ReconnectObject not working without binding.
I change my code to accept this behaviour and it works.

Dusan

On 07/07/11 at 09:23am, Michael Ströder wrote:
> Dusan Stefanik wrote:
> > What calling code? My code has 3 lines in python interpreter.                                                                                                                                                                                
> > import ldap                                                                                                                                                                                                                                  
> > l = ldap.ldapobject.ReconnectLDAPObject('ldap://172.16.2.1:389/',trace_level=1,retry_max=3)                                                                                                                                                  
> > l.search_s("o=test",ldap.SCOPE_BASE,"objectclass=*")                                                                                                                                                                                         
> 
> Well, with such a short code you cannot reliably test this. The reason is the
> behaviour of the OpenLDAP C libs which looks strange at first glance.
> 
> Background:
> The OpenLDAP function ldap_initialize() and its counterpart _ldap.initialize()
> in the Python extension module does *nothing* on the wire. It just initializes
> the LDAP connection struct in the C API. The first call to an operation method
> (bind, search etc.) really opens the connection.
> 
> ReconnectLDAPObject relys on the information of an already *successfully*
> opened connection and bound LDAP association. It was never intended to be a
> convenience wrapper for your application loop. The main goal was to let
> *synchronous* methods retry to get through in case of short-time server
> failure. If the connection wasn't ever really openend it does not *reconnect*
> since there was never a connection and bind before and therefore IMHO there's
> no meaningful behaviour (think of connect and bind and already the bind fails
> with ldap.SERVER_DOWN).
> 
> But in any case your application has to handle ldap.SERVER_DOWN in a
> reasonable way which can get very tricky depending on your application.
> 
> So your test code should look like this:
> 
> import ldap
> l = ldap.ldapobject.ReconnectLDAPObject(
>   'ldap://172.16.2.1:389',
>   trace_level=1,
>   retry_max=6
> )
> # really open the connection by sending BindRequest
> l.simple_bind_s('','')
> # now enough time to stop the LDAP server
> sleep(10.0)
> # send the SearchRequest
> l.search_s("o=test",ldap.SCOPE_BASE,"objectclass=*")
> 
> But I have to think about your corner-case above where you use an implicit
> anonymous bind. Personally I never do this so it's not tested though it's
> allowed in LDAPv3. Feel free to test that inspired by the information above
> and please give feedback on that.
> 
> Ciao, Michael.
>

More information about the python-ldap mailing list