[Date Prev][Date Next] [Chronological] [Thread] [Top]

[ldapext] A twisted extensible match proposal

To: <ldapext@ietf.org>
Subject: [ldapext] A twisted extensible match proposal
From: "Jim Sermersheim" <jimse@novell.com>
Date: Thu, 02 Sep 2004 11:41:55 -0600
Content-disposition: inline

We're thinking of proposing an extensible match to solve a particular problem, but this matching rule sort of pushes the normal use of the MatchingRuleAssertion.matchValue field.

Here's an abstract representation of the requirement:
Say I have a blacklist in the form of a DN-syntax attribute (the member attribute is a good example)
I want to search for all people with blue eyes, but I want to exclude all people in my blacklist. So I want an extensible match where the 'type' names the attribute which holds my blacklist and the 'matchValue' contains the name of the object holding my blacklist. The matchValue is the part that is twisted * it's not really the assertion value, the assertion value is really the name of the object being tested. So if my blacklist is held in an attribute called 'exclusions' on an entry named cn=acquaintances, this would be the string filter:

(&(eyeColor=blue)(!(exclusions:1.2.666:=cn=acquaintances)))

So two questions:
1) Does this push the semantics of the MatchingRuleAssertion.matchValue too far?
2) Is there a more obvious way to solve this problem?

Thanks,

Jim


_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Follow-Ups:
- Re: [ldapext] A twisted extensible match proposal
  - From: Steven Legg <steven.legg@eb2bcom.com>

Next by Date: Re: [ldapext] A twisted extensible match proposal
Index(es):
- Chronological
- Thread