[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Implementing SSS/VLV, questions.

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Implementing SSS/VLV, questions.
From: Pierangelo Masarati <ando@sys-net.it>
Date: Sat, 10 Apr 2004 09:02:42 +0200
Cc: Konstantin Kunshchikov <kvk@elbrus.ru>, openldap-devel@OpenLDAP.org
References: <1081522613.19596.13.camel@ocean.elbrus.ru> <6.0.1.1.0.20040409085212.0498f9e8@127.0.0.1>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Kurt D. Zeilenga wrote

Regardless, I'd want some authorization facility to limit who could use it and to what extent. We really need a general "authorization to use access mechanism" facility (in addition to our "authorization to access information" facility). But this can (and should) be developed independently from any SSS implementation.

There are plans to extend the limits stuff to other operations/mechs
so that generic limits can be applied on a DN basis (other limit
selection mechs could be implemented, e.g. listener names, IPs
paralleling ACLs, but this is not a priority.

p.


   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- Implementing SSS/VLV, questions.
  - From: Konstantin Kunshchikov <kvk@elbrus.ru>
- Re: Implementing SSS/VLV, questions.
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: overlays and slaptools
Next by Date: Re: commit: ldap/servers/slapd/slapi slapi_utils.c
Index(es):
- Chronological
- Thread