[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL

Subject: Re: ACL
From: Daniel Tiefnig <daniel.tiefnig@infonova.at>
Date: Fri, 06 Oct 2000 17:37:11 +0200
Cc: OpenLDAP-Software <openldap-software@OpenLDAP.org>
References: <5.0.0.25.0.20001006080807.00a5c580@router.boolean.net>

i know, i know, i've read the admin-guide for both v1.2 and v2.0
no, what i meant was: is there a possibility to do smth like:

access to *
    by dn="uid=admin,o=smth,c=smth" addr=my.i.p.address write

doon't bother the conditions, i just want to know, wheter the 'AND' of the
clauses is possible or not. (to write them just as above doesn't work,
ofcourse)
sorry if i that wasn't clear
regards
daniel


"Kurt D. Zeilenga" wrote:

> At 11:41 AM 10/6/00 +0200, Daniel Tiefnig wrote:
> >hi,
> >
> >if got a question again.
> >
> >kurt wrote in msg00176 (09/2000):
> >
> >> If the <what> or <who> statement includes multiple clauses, all
> >> clauses must match for the access to apply.  That is, the statement
> >> is evaluated using the AND of the clauses.
> >>
> >>        access to filter=(objectClass=person) attrs=userPassword
> >>                by self peername="IP:127\.0\.0\.1" write
> >
> >so slapd is checking for 'self' AND 'ip==127.0.0.1' but this only works
> >with openldap 2.x, correct?
>
> I don't be 1.2 supports the peername condition, but it supports
> other conditions (including addr and domain).
>
> Kurt

--
Daniel Tiefnig
Servertechnology
INFONOVA IT GmbH

Follow-Ups:
- Re: ACL
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: ACL
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: schema problem!!!
Next by Date: Re: ACL
Index(es):
- Chronological
- Thread