Browse Prior Art Database

The String Representation of LDAP Search Filters (RFC2254)

IP.com Disclosure Number: IPCOM000002813D
Original Publication Date: 1997-Dec-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 6 page(s) / 12K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

T. Howes: AUTHOR

Abstract

The Lightweight Directory Access Protocol (LDAP) [1] defines a network representation of a search filter transmitted to an LDAP server. Some applications may find it useful to have a common way of representing these search filters in a human-readable form. This document defines a human-readable string format for representing LDAP search filters.

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 24% of the total text.

Network Working Group T. Howes

Request for Comments: 2254 Netscape Communications Corp.

Category: Standards Track December 1997

The String Representation of LDAP Search Filters

1. Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1997). All Rights Reserved.

IESG Note

This document describes a directory access protocol that provides

both read and update access. Update access requires secure

authentication, but this document does not mandate implementation of

any satisfactory authentication mechanisms.

In accordance with RFC 2026, section 4.4.1, this specification is

being approved by IESG as a Proposed Standard despite this

limitation, for the following reasons:

a. to encourage implementation and interoperability testing of

these protocols (with or without update access) before they

are deployed, and

b. to encourage deployment and use of these protocols in read-only

applications. (e.g. applications where LDAPv3 is used as

a query language for directories which are updated by some

secure mechanism other than LDAP), and

c. to avoid delaying the advancement and deployment of other Internet

standards-track protocols which require the ability to query, but

not update, LDAPv3 directory servers.

Readers are hereby warned that until mandatory authentication

mechanisms are standardized, clients and servers written according to

this specification which make use of update functionality are

UNLIKELY TO INTEROPERATE, or MAY INTEROPERATE ONLY IF AUTHENTICATION

IS REDUCED TO AN UNACCEPTABLY WEAK LEVEL.

Implementors are hereby discouraged from deploying LDAPv3 clients or

servers which implement the update functionality, until a Proposed

Standard for mandatory authentication in LDAPv3 has been approved and

published as an RFC.

2. Abstract

The Lightweight Directory Access Protocol (LDAP) [1] defines a

network representation of a search filter transmitted to an LDAP

server. Some applications may find it useful to have a common way of

representing these search filters in a human-readable form. This

document defines a human-readable string format for representing LDAP

search filters.

This document replaces RFC 1960, extending the string LDAP filter

definition to include support for LDAP version 3 extended match

filters, and including support for representing the full range of

possible LDAP search filters.

3. LDAP Search Filter Definition

An LDAPv3 search filter is defined in Section 4.5.1 of [1] as

follows:

...