rfc1777.txt

著名的RFC文档,其中有一些文档是已经翻译成中文的的.

       The Directory: Overview of Concepts, Models and Service.  ISO/IEC
       JTC 1/SC21; International Standard 9594-1, 1988

   [3] Rose, M., "Directory Assistance Service", RFC 1202, Performance
       Systems International, Inc., February 1991.

   [4] Howes, T., Smith, M., and B. Beecher, "DIXIE Protocol
       Specification, RFC 1249, University of Michigan, August 1991.

   [5] Kille, S., "A String Representation of Distinguished Names", RFC
       1779, ISODE Consortium, March 1995.






Yeong, Howes & Kille                                           [Page 15]

RFC 1777                          LDAP                        March 1995


   [6] Howes, T., Kille, S., Yeong, W., and C. Robbins, "Lightweight
       Directory Access Protocol", RFC 1488, University of Michigan,
       ISODE Consortium, Performance Systems International, NeXor Ltd.,
       July 1993.

   [7] Kerberos Authentication and Authorization System.  S.P. Miller,
       B.C. Neuman, J.I. Schiller, J.H. Saltzer; MIT Project Athena
       Documentation Section E.2.1, December 1987.

   [8] The Directory: Models.  CCITT Recommendation X.501 ISO/IEC JTC
       1/SC21; International Standard 9594-2, 1988.

  [10] The Directory: Abstract Service Definition.  CCITT Recommendation
       X.511, ISO/IEC JTC 1/SC21; International Standard 9594-3, 1988.

  [11] Specification of Abstract Syntax Notation One (ASN.1).  CCITT
       Recommendation X.208, 1988.

  [12] Specification of Basic Encoding Rules for Abstract Syntax
       Notation One (ASN.1).  CCITT Recommendation X.209, 1988.































Yeong, Howes & Kille                                           [Page 16]

RFC 1777                          LDAP                        March 1995


10.  Authors' Addresses

       Wengyik Yeong
       PSI Inc.
       510 Huntmar Park Drive
       Herndon, VA 22070
       USA

       Phone:  +1 703-450-8001
       EMail:  yeongw@psilink.com


       Tim Howes
       University of Michigan
       ITD Research Systems
       535 W William St.
       Ann Arbor, MI 48103-4943
       USA

       Phone:  +1 313 747-4454
       EMail:   tim@umich.edu


       Steve Kille
       ISODE Consortium
       PO Box 505
       London
       SW11 1DX
       UK

       Phone:  +44-71-223-4062
       EMail:  S.Kille@isode.com



















Yeong, Howes & Kille                                           [Page 17]

RFC 1777                          LDAP                        March 1995


Appendix A - Complete ASN.1 Definition

Lightweight-Directory-Access-Protocol DEFINITIONS IMPLICIT TAGS ::=

BEGIN

LDAPMessage ::=
    SEQUENCE {
         messageID      MessageID,
                        -- unique id in request,
                        -- to be echoed in response(s)
         protocolOp     CHOICE {
                             searchRequest       SearchRequest,
                             searchResponse      SearchResponse,
                             modifyRequest       ModifyRequest,
                             modifyResponse      ModifyResponse,
                             addRequest          AddRequest,
                             addResponse         AddResponse,
                             delRequest          DelRequest,
                             delResponse         DelResponse,
                             modifyDNRequest     ModifyDNRequest,
                             modifyDNResponse    ModifyDNResponse,
                             compareDNRequest    CompareRequest,
                             compareDNResponse   CompareResponse,
                             bindRequest         BindRequest,
                             bindResponse        BindResponse,
                             abandonRequest      AbandonRequest,
                             unbindRequest       UnbindRequest
                        }
    }

BindRequest ::=
    [APPLICATION 0] SEQUENCE {
         version        INTEGER (1 .. 127),
                        -- current version is 2
         name           LDAPDN,
                        -- null name implies an anonymous bind
         authentication CHOICE {
                             simple        [0] OCTET STRING,
                                       -- a zero length octet string
                                       -- implies an unauthenticated
                                       -- bind.
                             krbv42LDAP    [1] OCTET STRING,
                             krbv42DSA     [2] OCTET STRING
                                       -- values as returned by
                                       -- krb_mk_req()
                                       -- Other values in later versions
                                       -- of this protocol.



Yeong, Howes & Kille                                           [Page 18]

RFC 1777                          LDAP                        March 1995


                        }
    }

BindResponse ::= [APPLICATION 1] LDAPResult

UnbindRequest ::= [APPLICATION 2] NULL

SearchRequest ::=
    [APPLICATION 3] SEQUENCE {
         baseObject     LDAPDN,
         scope          ENUMERATED {
                             baseObject            (0),
                             singleLevel           (1),
                             wholeSubtree          (2)
                        },
         derefAliases   ENUMERATED {
                             neverDerefAliases     (0),
                             derefInSearching      (1),
                             derefFindingBaseObj   (2),
                             alwaysDerefAliases    (3)
                        },
         sizeLimit      INTEGER (0 .. maxInt),
                        -- value of 0 implies no sizelimit
         timeLimit      INTEGER (0 .. maxInt),
                        -- value of 0 implies no timelimit
         attrsOnly     BOOLEAN,
                        -- TRUE, if only attributes (without values)
                        -- to be returned.
         filter         Filter,
         attributes     SEQUENCE OF AttributeType
    }

SearchResponse ::=
    CHOICE {
         entry          [APPLICATION 4] SEQUENCE {
                             objectName     LDAPDN,
                             attributes     SEQUENCE OF SEQUENCE {
                                              AttributeType,
                                              SET OF
                                                AttributeValue
                                            }
                        },
         resultCode     [APPLICATION 5] LDAPResult
    }

ModifyRequest ::=
    [APPLICATION 6] SEQUENCE {
         object         LDAPDN,



Yeong, Howes & Kille                                           [Page 19]

RFC 1777                          LDAP                        March 1995


         modifications  SEQUENCE OF SEQUENCE {
                             operation     ENUMERATED {
                                             add      (0),
                                             delete   (1),
                                             replace  (2)
                                           },
                             modification  SEQUENCE {
                                             type     AttributeType,
                                             values   SET OF
                                                        AttributeValue
                                           }
                        }
    }


ModifyResponse ::= [APPLICATION 7] LDAPResult

AddRequest ::=
    [APPLICATION 8] SEQUENCE {
         entry          LDAPDN,
         attrs          SEQUENCE OF SEQUENCE {
                             type          AttributeType,
                             values        SET OF AttributeValue
                        }
    }

AddResponse ::= [APPLICATION 9] LDAPResult

DelRequest ::= [APPLICATION 10] LDAPDN

DelResponse ::= [APPLICATION 11] LDAPResult

ModifyRDNRequest ::=
    [APPLICATION 12] SEQUENCE {
         entry          LDAPDN,
         newrdn         RelativeLDAPDN -- old RDN always deleted
    }

ModifyRDNResponse ::= [APPLICATION 13] LDAPResult

CompareRequest ::=
    [APPLICATION 14] SEQUENCE {
         entry          LDAPDN,
         ava            AttributeValueAssertion
    }

CompareResponse ::= [APPLICATION 15] LDAPResult




Yeong, Howes & Kille                                           [Page 20]

RFC 1777                          LDAP                        March 1995


AbandonRequest ::= [APPLICATION 16] MessageID

MessageID ::= INTEGER (0 .. maxInt)

LDAPDN ::= LDAPString

RelativeLDAPDN ::= LDAPString

Filter ::=
    CHOICE {
        and            [0] SET OF Filter,
        or             [1] SET OF Filter,
        not            [2] Filter,
        equalityMatch  [3] AttributeValueAssertion,
        substrings     [4] SubstringFilter,
        greaterOrEqual [5] AttributeValueAssertion,
        lessOrEqual    [6] AttributeValueAssertion,
        present        [7] AttributeType,
        approxMatch    [8] AttributeValueAssertion
    }

LDAPResult ::=
    SEQUENCE {
        resultCode    ENUMERATED {
                        success                      (0),
                        operationsError              (1),
                        protocolError                (2),
                        timeLimitExceeded            (3),
                        sizeLimitExceeded            (4),
                        compareFalse                 (5),
                        compareTrue                  (6),
                        authMethodNotSupported       (7),
                        strongAuthRequired           (8),
                        noSuchAttribute              (16),
                        undefinedAttributeType       (17),
                        inappropriateMatching        (18),
                        constraintViolation          (19),
                        attributeOrValueExists       (20),
                        invalidAttributeSyntax       (21),
                        noSuchObject                 (32),
                        aliasProblem                 (33),
                        invalidDNSyntax              (34),
                        isLeaf                       (35),
                        aliasDereferencingProblem    (36),
                        inappropriateAuthentication  (48),
                        invalidCredentials           (49),
                        insufficientAccessRights     (50),
                        busy                         (51),



Yeong, Howes & Kille                                           [Page 21]

RFC 1777                          LDAP                        March 1995


                        unavailable                  (52),
                        unwillingToPerform           (53),
                        loopDetect                   (54),
                        namingViolation              (64),
                        objectClassViolation         (65),
                        notAllowedOnNonLeaf          (66),
                        notAllowedOnRDN              (67),
                        entryAlreadyExists           (68),
                        objectClassModsProhibited    (69),
                        other                        (80)
                      },
        matchedDN     LDAPDN,
        errorMessage  LDAPString
    }

AttributeType ::= LDAPString
                -- text name of the attribute, or dotted
                -- OID representation

AttributeValue ::= OCTET STRING

AttributeValueAssertion ::=
    SEQUENCE {
        attributeType        AttributeType,
        attributeValue       AttributeValue
    }

SubstringFilter ::=
    SEQUENCE {
        type               AttributeType,
        SEQUENCE OF CHOICE {
          initial          [0] LDAPString,
          any              [1] LDAPString,
          final            [2] LDAPString
      }
    }

LDAPString ::= OCTET STRING

maxInt INTEGER ::= 65535
END










Yeong, Howes & Kille                                           [Page 22]