About the LDAP Server Referrals Feature

Some LDAP servers use a special feature called referrals. A referral is an entity that contains the names and locations of other objects. A referral is used to redirect a clientScanner supported by Security Fortify WebInspect Enterprise that connects to WebInspect Enterprise to receive license permissions, updates or scan data, and which also presents a user interface through which scans may be conducted. WebInspect Enterprise controls permissions for a client and also provides the policies used by clients. A client can be configured to upload scan results to WebInspect Enterprise automatically at the completion of the scan or only when specifically instructed by the user. request to another server. It is sent by the server to indicate that the information that the client has requested can be found at another location (or locations), possibly at another server or several servers.

If Fortify Software Security Center requests an LDAP object and this object is a referral, Fortify Software Security Center must request additional information about the LDAP object from another server, the address of which is returned in the REF object attribute. These additional requests can decrease LDAP communication speed. Even if the LDAP server does not use the referrals feature, additional operations that support referrals are performed.

If referrals are not used on your LDAP server, Fortify recommends that you disable referrals support in the LDAP library. Disabling this option on the Fortify Software Security Center server side makes Fortify Software Security Center‑to‑LDAP communication much faster. For instructions, see Disabling LDAP Referrals Support.