Re: limits

["Jong" <jongchoi@OpenLDAP.org>]

The limit code in the frontend needs also to be run before calling backend operations
internally.
How about having a utilify function to set the operation limits ? instead of duplicating
codes ?
- Jong

----- Original Message -----
From: "Pierangelo Masarati" <ando@sys-net.it>
To: <openldap-devel@OpenLDAP.org>
Sent: Monday, March 08, 2004 7:00 AM
Subject: limits


> I'm considering the opportunity to move the search limits
> selection/interpretation to the frontend, so they are
> consistently used by all backends.  As such, the selected
> structure with the appropriate limits, and their
> interpretation in terms of usual search limits, should
> be added to the req_search_s structure.
>
> Moreover, I was considering the possibility to exploit
> the limits infrastructure to set identity based limitations
> to other operations, to provide a higher (and earlier)
> selection of access in cooperation with ACLs.  E.g.:
> limit write operations before the backend's function is
> even called, or limit the possibility to use some control
> (for proxyAuthz we already have the saslAuthz{To|From}
> method, for paged results we already have some specific
> limits on the size of the page and so, but the approach
> could be of general use.  We could also think to create
> something analogous to ACIs, e.g. limits inside the data
> (maybe the idea is not new, and I'm reinventing the wheel;
> in case, forgive me).
>
> Ando.
>
> --
> Dr. Pierangelo Masarati         mailto:pierangelo.masarati@sys-net.it
> LDAP Architect, SysNet s.n.c.   http://www.sys-net.it
>
>
>
>     SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
>
>
>