[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] Dynamic group draft

To: jjaimon@novell.com
Subject: Re: [ldapext] Dynamic group draft
From: Pierangelo Masarati <ando@sys-net.it>
Date: Tue, 13 Feb 2007 09:14:21 +0100
Cc: Ldapext <ldapext@ietf.org>, Jim Sermersheim <jimse@novell.com>
In-reply-to: <45D165BD.1010805@novell.com>
References: <45CA6D24.801@highlandsun.com> <45CDA427.4050108@sys-net.it> <45D165BD.1010805@novell.com>
User-agent: Mail/News 1.5.0.8 (X11/20061210)

Jaimon Jose wrote:
> Pierangelo Masarati wrote:
>> Additional comments: "dgIdentity" is used in objectClass definition, but
>> it is actually defined as "identity" in the attributes section.  I guess
>> the intended definition is "dgIdentity".
>>   
> 
> Section #4.5 refers this attribute as dgIdentity.  The second paragraph
> in this section, talks about "identity values" which should have been
> "dgIdentity values" .   Did I miss out something?

In Section #4.5, the title refers to this attribute as dgIdentity, but
in the subsequent RFC 4512 definition I read identity for the NAME
field.  I suspect a typo there.

>> BTW, would prefixing "memberQueryURL" and "excludedMember" with "dg" be
>> an option?
>>   
> MAY be a good idea to have consistency in attribute naming with respect
> to the features where the attributes are used.  As I recall, this is not
> used in all cases.
>> AUXILIARY classes dynamicGroupAux and dynamicGroupOfUniqueNamesAux
>> cannot respectively inherit from groupOfNames and groupOfUniqueNames
>> since the latter are STRUCTURAL.
>>   
> 
> The idea of inheriting from groupOfnames and groupOfUniqueNames is to
> have the group properties in addition to dynamicGroup properties. 
> Certain implementations seem to allow that.   I'm personally not in
> favor of copying the group properties to the auxiliary class.  Lack of
> these properties will introduce a constraint that,  only group objects
> can be marked as dynamic group. 

I concur with Howard's answer.  As a side note, by exploiting LDAP's
object orientation, you could create an abstract class dynamicGroupAbs,
then derive dynamicGroup from both groupOfNames and dynamicGroupAbs, and
dynamicGroupAux from dynamicGroupAbs only.

the *UniqueNames* variants could be derived from the same class, thus
having a single, strong characterization of dynamic groups (at least,
for those clients that speak inheritance) and some advantages for
implementors as well, which could delegate to the inheritance
capabilities of their software the handling of the variety of
combinations of dynamic groups.

See the graph below:

   groupOfNames [STRUCTURAL] -------+- dynamicGroup
                                    |
                                    |
                                    | +- dynamicGroupAux
   dynamicGroupAbs [ABSTRACT] ------+-+
                                    | +- dynamicGroupOfUniqueNamesAux
                                    |
                                    |
                                    |
   groupOfUniqueNames [STRUCTURAL] -+- dynamicGroupOfUniqueNames

The same should have occurred from the beginning with the groupOfNames
class; then, all group classes could have inherited from a common,
abstract notion of group.

p.

Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

References:
- [ldapext] Dynamic group draft
  - From: Howard Chu <hyc@highlandsun.com>
- Re: [ldapext] Dynamic group draft
  - From: Pierangelo Masarati <ando@sys-net.it>
- Re: [ldapext] Dynamic group draft
  - From: Jaimon Jose <jjaimon@novell.com>

Prev by Date: Re: [ldapext] Dynamic group draft
Next by Date: [ldapext] [Fwd: LDAP C API gripes]
Index(es):
- Chronological
- Thread