[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to limit the attribute length?

--Le jeudi 12 juillet 2001 18:44 +0800 purewang@cht.com.tw écrivait:

I try to limit the attribute length in OpenLDAP-2.0.11, ex,

attributetype ( 2.16.840.1.113730.3.1.4
        NAME 'employeeType'
        DESC 'RFC2798: type of employment for a person'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX{5} )

From the SYNTAX on the above definition, I let the maximal length of this
attribute is 5, however, I still can insert a  entry with this attribute
that its string length is greater than 5. Could anyone give me some idea?
ps: I also setup the  "schemacheck on"...
Thank You very much!!

Shih-Chang Wang

As I understand RFC 2252, the {5} you specified tells the server that it should be prepared to store at least 5 characters. It doesn't mean the server should limit the length to 5, but that it should not limit the length to less than 5.

I don't know of a way to set a maximal length.

RFC 2252:

4.3.2. Syntax Object Identifiers
   A suggested minimum upper bound on the number of characters in value
   with a string-based syntax, or the number of bytes in a value for all
   other syntaxes, may be indicated by appending this bound count inside
   of curly braces following the syntax name's OBJECT IDENTIFIER in an
   Attribute Type Description.  This bound is not part of the syntax
   name itself.  For instance, "{64}" suggests that
   server implementations should allow a string to be 64 characters
   long, although they may allow longer strings.  Note that a single
   character of the Directory String syntax may be encoded in more than
   one byte since UTF-8 is a variable-length encoding.

--- David Olivier Klebs gardien Alpages CRI courrier brebis Lyon 2 Lumière