Hi Kiran,
1. The administrator may need to list all principal names, and then use the principal name he is interested in to get the Identity; 2. There may be too many principals to scan at once, so the system may need to get only a part of them at once, as Stefan pointed out; 3. We need to make Kerby compatible to Krb5, and it has implemented this interface as list_principals http://web.mit.edu/KERBEROS/krb5-1.12/doc/admin/admin_commands/kadmin_local.html ; Regards, Yaning From: Kiran Ayyagari [mailto:kayyag...@apache.org] Sent: Thursday, July 02, 2015 3:59 PM To: Apache Directory Developers List Subject: Re: How to implement getIdentities(int start, int limit) more effectively Hi Yaning, where in the server or client are we going to need this interface, iow, can you describe the usecase that requires this getIdentities(s,l) method. (I just want to understand the need for this method before we dive into implementing it) On Thu, Jul 2, 2015 at 3:39 PM, Xu, Yaning <yaning...@intel.com<mailto:yaning...@intel.com>> wrote: Hi all, As we have discussed https://issues.apache.org/jira/browse/DIRKRB-295 , IdentityService.getIdentities() should be removed. However, to implement getIdentities(int start, int limit), which returns a sorted result, I have to get all identities from the ldap server and then sort them. Is it possible for the Ldap server to return a sorted result for the client connection? In [1], I see a test about Page Search on client side testPagedSearchWrongCookie(), and it uses pagedSearchControl.setSize(3) to set the page size, the problem are: *how can I get a search result based on the start index and pageSize, like I may use getIdentities(int start, int limit) to return a result; *how can I get a sorted result from the server, so that I don’t have to get all the entries and then sort them to get the result; [1] https://svn.apache.org/repos/asf/directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/operations/search/PagedSearchIT.java public List<String> getIdentities(int start, int limit) { List<String> identities = getIdentities(); if (limit == -1) { return identities; } return getIdentities().subList(start, start + limit); } private List<String> getIdentities() { List<String> identityNames = new ArrayList<>(); EntryCursor cursor; Entry entry; try { cursor = connection.search( getConfig().getString("base_dn"), "(objectclass=*)", SearchScope.ONELEVEL, KerberosAttribute.KRB5_PRINCIPAL_NAME_AT); if (cursor == null) { return null; } while (cursor.next()) { entry = cursor.get(); identityNames.add(entry.get(KerberosAttribute.KRB5_PRINCIPAL_NAME_AT).getString()); } cursor.close(); Collections.sort(identityNames); } catch (LdapException e) { e.printStackTrace(); } catch (CursorException e) { e.printStackTrace(); } return identityNames; } Regards, Yaning -- Kiran Ayyagari http://keydap.com
