[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problem with acl and wildcard

To: François Beretti <francois.beretti@enatel.com>, Liste OpenLDAP-Software <openldap-software@OpenLDAP.org>
Subject: Re: problem with acl and wildcard
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Mon, 22 Mar 2004 07:48:18 -0800
Content-disposition: inline
In-reply-to: <405EA450.10201@enatel.com>
References: <405EA450.10201@enatel.com>

--On Monday, March 22, 2004 9:31 AM +0100 François Beretti <francois.beretti@enatel.com> wrote:

Hello all

I have a problem writing acl

I want all the users to have write access to entries implementing any
objectclass prefixed by a given string


So I wrote these acls :

access to *
    by self write
    by anonymous auth

Add a "by * break" after this point. OpenLDAP evaluates as far as the first ACL to govern permission to what you are requesting (and "*" governs everything!), and stops, unless you have a break statement.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

Follow-Ups:
- Re: problem with acl and wildcard
  - From: François Beretti <francois.beretti@enatel.com>

References:
- problem with acl and wildcard
  - From: François Beretti <francois.beretti@enatel.com>

Prev by Date: Re: Probleme mit LDAP
Next by Date: Re: openldap health monitoring
Index(es):
- Chronological
- Thread