[Freeipa-devel] LDAP connections and the new ldap backend plugin
Jason Gerard DeRose
jderose at redhat.com
Fri Mar 6 22:16:54 UTC 2009
On Thu, 2009-03-05 at 10:03 -0500, Simo Sorce wrote:
> On Wed, 2009-03-04 at 11:54 -0500, Rob Crittenden wrote:
> > Jason Gerard DeRose wrote:
> > > On Tue, 2009-03-03 at 08:49 -0700, Rich Megginson wrote:
> > >> I'm not sure I understand. If the connection object is
> > >> ipaserver.ipaldap.IPAdmin which is a subclass of SimpleLDAPObject, can't
> > >> the connection object be "cast" and used directly as a
> > >> SimpleLDAPObject? Or does the IPA code change/overload the methods such
> > >> that it is not usable any more as a SimpleLDAPObject?
> > >
> > > The subclass overrides methods, so code written against SimpleLDAPObject
> > > would probably break.
> >
> > My concern is that we use this object in more places than just the
> > XML-RPC server. What is this going to mean for those? I suppose just
> > more complicated setup code though I guess we could write a few methods
> > to handle that.
> >
> > How do you propse handling the other methods in IPAdmin such as
> > getEntry, deleteEntry, etc?
>
> I am wondering if we should really worry that plugins can't use our ldap
> object.
>
> Existing code would probably have to be adapted to our tree/conventions,
> otherwise it will probably do something stupid with the tree anyway.
> I am wondering if actually forcing adaptation of the code is actually a
> good idea so that people don't throw garbage in ?
I'm talking about gluing existing code into IPA via a site-specific or
3rd-party plugin... the plugin need not be in our source tree and can
import code from Python modules maintained in still other trees.
Because the python-ldap bindings are the standard Python interface to
LDAP, I think people will appreciate that we allow them to use that
interface directly. I think lots of sysadmins have small scripts and
libraries they would like to be able to integrate with IPA without a
major rewrite.
Keeping this layer separated will also make my favorite thing easier:
unit testing. ;)
> Simo.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 835 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090306/b39a348f/attachment.sig>
More information about the Freeipa-devel
mailing list