• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

LDAP Search is inconsistent

 
Jinesh Parekh
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I am using Novel LDAP API. I have a user registration form from where the request goes to LDAP to see if the user id is already in use. It works fine the first time, but if the user submits the request again with the same username, the search returns 0 entries found.

I tried using a new connection each time and also attempted to search 5 times in a for loop. Its only the first time that it finds the user,other times it cannot find the user.

Below is the code I am using to communicate with LDAP. Please tell me whats going on here.

Thank you in advance.

Jinesh Parekh

public void userNameExists(String userName) throws ValidationException {
Vector errorMessages = new Vector();
logger.debug("userNameExists() :: entered");

if (userName != null && !userName.trim().equals("")) {

String[] returnAttrList = new String[] { "uid" }; //only return the UID attribute values
String searchFilter = "(uid=" + userName.trim() + ")";
logger.debug("userNameExists() :: LDAP searchFilter = " + searchFilter);

Attributes matchAttrs = new BasicAttributes(true);
matchAttrs.put(new BasicAttribute("uid", userName));

LDAPConnection ldapConn = new LDAPConnection();

LDAPConstraints cons = ldapConn.getConstraints();
cons.setReferralFollowing(false);
ldapConn.setConstraints(cons);
logger.debug("Disabled referral following");

try {
logger.debug("userNameExists() :: Connecting to LDAP Server: " + LDAP_HOST_NAME + ":" + LDAP_PORT);
ldapConn.connect(LDAP_HOST_NAME, LDAP_PORT);

// bind to the server
logger.debug("userNameExists() :: Bind to LDAP Server as:\n\rUsername: " + LDAP_USERNAME
+ " \n\rPassword: " + LDAP_PASSWORD);
ldapConn.bind(LDAPConnection.LDAP_V3, LDAP_USERNAME, LDAP_PASSWORD.getBytes("UTF8"));

logger.debug("userNameExists() :: Searching for user...");

//search for the username passed in
LDAPSearchResults searchResults = ldapConn.search(LDAP_USER_BASE_DN, LDAPConnection.SCOPE_SUB,
searchFilter, null, false); // return

// attrs
// and
// values

logger.debug("userNameExists() :: Number of search results: " + searchResults.getCount());

if (searchResults != null && searchResults.getCount() > 0) {

logger
.info("userNameExists() :: A user account was found, so notify the user they need to choose another username.");

if (logger.isDebugEnabled()) {
/*
* To print out the search results, -- The first while loop goes through all the entries
*/
while (searchResults.hasMore()) {
LDAPEntry nextEntry = null;
try {
nextEntry = searchResults.next();
} catch (LDAPException e) {
logger.debug("userNameExists() :: Debugging Error: ", e);

// Exception is thrown, go for next entry
continue;
}

logger.debug("userNameExists() :: Next DN = " + nextEntry.getDN());
}
}

//some results exist - so the username must exist
errorMessages
.add("The username provided is already in use. Please provide a different email address. If you feel this is incorrect, please contact <a href='mailto:support@cars.com'>support@cars.com</a> for further assistance.");
}
} catch (Exception exp) {
logger
.fatal(
"userNameExists() :: An Exception occurred while searching for a user - usernames cannot be verified against OpenLDAP!",
exp);
errorMessages
.add("The username provided cannot be verified. Please try registering at a later time. If you feel this message is incorrect, please contact <a href='mailto:support@cars.com'>support@cars.com</a> for further assistance.");
exp.printStackTrace();
} finally {
//release the connection we just used to search for the user
try {
if (ldapConn != null) {
ldapConn.disconnect();

}
ldapConn = null;
} catch (LDAPException lExp) {
logger.warn("userNameExists() :: Could not close the connection to LDAP!", lExp);
}
}
} else {
//this should never really happen
errorMessages
.add("The username provided cannot be verified. Please try registering at a later time. If you feel this message is incorrect, please contact <a href='mailto:support@cars.com'>support@cars.com</a> for further assistance.");
}

if (errorMessages.size() > 0) {
// throw new ValidationException(errorMessages);
}
}
 
Matthew Snow
Ranch Hand
Posts: 82
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm having the same issue. I found that it has to do with how much time you wait between calling com.novell.ldap.LDAPConnection.search() and com.novell.ldap.LDAPSearchResults.next(). For my situation the sweet spot is to sleep 100 millis (Thread.sleep(100)) before calling next(). This gives me a 50% chance of a hit or a miss for the same search base on a good connection.

Is there a way tell the search to block until complete or to implement a reliable ready() function for LDAPSearchResults similar to the one in BufferedReader?

Oh, and here is the entry in my pom:
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic