JNDI/LDAP Service Provider Release Notes December 15, 1998 This is the 1.0.2 maintenance release of the JNDI LDAP service provider. Please send feedback on the LDAP service provider to us at jndi@java.sun.com, or to the public mailing list at jndi-interest@java.sun.com. CHANGES SINCE FCS 1.0.1 Here are the highlights of the changes to the LDAP service provider since the 1.0.1 release (Oct 15th, 1998) - Schema can be updated using the contexts and objects returned by DirContext.getSchema(). Use com.sun.naming.netscape.schemaBugs to get around bugs in Netscape Directory Server. See the JNDI Tutorial for examples. - Chain of referrals (LDAP continuation references) handled correctly for 'throw' option. - LDAP URLs with scope specifiers are supported in referrals. - If java.naming.referral is 'ignore' (or not set, which defaults to 'ignore'), a 'manage referral' control is sent automatically for LDAP v3. - Use of the java.naming.ldap.control.manageReferral property is deprecated. You should not be setting this property explicitly. Use java.naming.referral instead. - Slapd-style referrals (embedded in an LDAPv2 error message) are supported. - LDAP controls are only transmitted over LDAPv3 connections. - The java.naming.security.credentials property supports can contain either a java.lang.String or byte[] argument for specifying the password. If it is a java.lang.String, for LDAP v3, the password is encoded into a byte array using UTF-8; for LDAP v2, the encoding used is ISO-Latin-1. If it is a byte[], the argument is used as is. - Use ISO-Latin-1 for encoding strings for LDAP v2 (bug was that it used to use the platform-dependent encoding). - When specifying a list of attribute names in the java.naming.ldap.attributes.binary property, the attribute names can appear in mixed cases. KNOWN PROBLEMS AND THEIR WORKAROUNDS 1. Authenticating to referral contexts If you use the 'throw' option for handling referrals and the referred context requires different credentials, you need to use the following workaround: import com.sun.jndi.ldap.LdapReferralException; ... } catch (LdapReferralException e) { env.put(Context.SECURITY_PRINCIPAL, "newuser"); env.put(Context.SECURITY_CREDENTIALS, "newpasswd"); ctx = e.getReferralContext(env); ... } RELEASE INFORMATION This release contains: lib/ldap.jar class files for the LDAP service provider. lib/providerutil.jar utilities used by service providers developed by Sun. The LDAP service provider uses some of the classes in this jar. This jar file is interchangeable with the providerutil.jar file that you may have downloaded with one of the other service providers currently available from Sun. doc/providers/LDAP.txt contains detailed descriptions of the provider. doc/providers/draft-ryan-java-schema-00.txt contains the Internet-Draft describing the schema for representing Java objects in an LDAP directory. examples/ldap contains examples for the LDAP programmer. These examples illustrate how to perform operations equivalent to the Netscape SDK's C language examples. See examples/ldap/README. This release works with JNDI1.1 and higher releases. Your classpath must include the following when using the LDAP service provider: lib/jndi.jar:lib/ldap.jar:lib/providerutil.jar For SSL support, you also must have the SSL classes in your classpath or environment (see LDAP.txt). The classes in this release have been generated using JDK1.1.5. ADDITIONAL INFORMATION examples/api (available as part of the general JNDI1.1 distribution) contains generic examples for accessing any naming and directory service, including LDAP. See examples/api/README. examples/browser (available as a separate download) contains a JNDI browser for browsing any naming and directory service, including LDAP. See examples/browser/README-DEMO.txt. JNDI javadoc, JNDI API and SPI specifications and a JNDI tutorial are available at Sun's Java Software web site: http://java.sun.com/products/jndi/.