Comparison of the LDAP and JNDI Models

LDAP Status Codes and JNDI Exceptions

The LDAP defines a set of status codes that are returned with LDAP responses sent by the LDAP server (see RFC 2251). In the JNDI, error conditions are indicated as checked exceptions that are subclasses of the NamingException. See the Basics trail for an overview of the JNDI exception class hierarchy.

The LDAP service provider translates the LDAP status code it receives from the LDAP server to the appropriate subclass of NamingException. The following table shows the mapping between LDAP status codes and JNDI exceptions.

LDAP Status Code	Meaning	Exception or Action
0	Success	Report success.
1	Operations error	NamingException
2	Protocol error	CommunicationException
3	Time limit exceeded	TimeLimitExceededException
4	Size limit exceeded	SizeLimitExceededException
5	Compare false	Used by DirContext.search(). Does not generate an exception.
6	Compare true	Used by DirContext.search(). Does not generate an exception.
7	Authentication method not supported	AuthenticationNotSupportedException
8	Strong authentication required	AuthenticationNotSupportedException
9	Partial results	If the environment property "java.naming.referral" is "ignore", or contents of error do not contain a referral, throw PartialResultException. Otherwise, use contents to build a referral.
10	Referral	If the environment property "java.naming.referral" is "ignore", ignore. If the environment property "java.naming.referral" is "throw", throw ReferralException. If the environment property "java.naming.referral" is "follow", the LDAP provider processes the referral. If "java.naming.ldap.referral.limit" has been exceeded, throw LimitExceededException.
11	Administrative limit exceeded	LimitExceededException
12	Unavailable critical extension	OperationNotSupportedException
13	Confidentiality required	AuthenticationNotSupportedException
14	SASL bind in progress	Used internally by LDAP provider during authentication.
16	No such attribute	NoSuchAttributeException
17	Undefined attribute type	InvalidAttributeIdentifierException
18	Inappropriate matching	InvalidSearchFilterException
19	Constraint violation	InvalidAttributeValueException
20	Attribute Or Value Exists	AttributeInUseException
21	Invalid Attribute Syntax	InvalidAttributeValueException
32	No such object	NameNotFoundException
33	Alias problem	NamingException
34	Invalid DN syntax	InvalidNameException
35	Is leaf	Used by LDAP provider; usually doesn't generate exception.
36	Alias dereferencing problem	NamingException
48	Inappropriate authentication	AuthenticationNotSupportedException
49	Invalid credentials	AuthenticationException
50	Insufficient access rights	NoPermissionException
51	Busy	ServiceUnavailableException
52	Unavailable	ServiceUnavailableException
53	Unwilling to perform	OperationNotSupportedException
54	Loop detect	NamingException
64	Naming violation	InvalidNameException
65	Object class violation	SchemaViolationException
66	Not allowed on non-leaf	ContextNotEmptyException
67	Not allowed on RDN	SchemaViolationException
68	Entry already exists	NameAlreadyBoundException
69	Object class modifications prohibited	SchemaViolationException
71	Affects multiple DSAs	NamingException
80	Other	NamingException

Comparison of the LDAP and JNDI Models: End of Lesson

What's next? Now you can:

• Continue on to the next lesson in this trail to learn about various security-related tips.
• Go to the Miscellaneous lesson for miscellaneous tasks, such as how to read nonstring attributes and dereference LDAP aliases.
• Go to the Searches lesson for examples of how to perform various types of searches.
• Go to the Referrals lesson to learn about tips for handling referrals.
• Go to the Frequently Asked Questions lesson to read about questions that LDAP users have when using the JNDI.

Comparison of the LDAP and JNDI Models