[Date Prev][Date Next] [Chronological] [Thread] [Top]

[ldapext] draft-zeilenga-ldap-readentry-01.txt

To: "Kurt D. Zeilenga \(E-mail\)" <Kurt@OpenLDAP.org>
Subject: [ldapext] draft-zeilenga-ldap-readentry-01.txt
From: "Andrew Sciberras" <andrews@adacel.com.au>
Date: Wed, 17 Dec 2003 09:04:02 +1100
Cc: "Ldapext \(E-mail\)" <ldapext@ietf.org>
Importance: Normal

G'Day,

The following text can be found in section 3.1 and 3.2:

~~~~~~~~~~~~~~~~~
  The server is to return a SearchResultEntry containing, subject
  to access controls and other constraints, values of the requested
  attributes.

  The normal processing of the update operation and the processing of
  this control MUST be performed as one atomic action isolated from
  other update operations.

  If the update operation fails, no response control is provided.
~~~~~~~~~~~~~~~~


On one hand, the first paragraph implies that if the read fails due to
access control restrictions, then no values should be returned.
On the other hand, paragraph two indicates that if the read fails (possibly
due to access controls) then the entire operation should fail.
Paragraph 3 explicitly states that if the update fails then the read should
as well, but fails to address the alternate scenario.

What happens if the read operation fails due to the user not having
sufficient access rights?
Should the update succeed or fail?


Thanks,

Andrew Sciberras
View500 Software Engineer
Adacel Technologies
http://view500.adacel.com


_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Follow-Ups:
- Re: [ldapext] draft-zeilenga-ldap-readentry-01.txt
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Next by Date: Re: [ldapext] draft-zeilenga-ldap-readentry-01.txt
Index(es):
- Chronological
- Thread