[Date Prev][Date Next] [Chronological] [Thread] [Top]

Querying ACL: is it possible ?

I'm developing some web interfaces with Perl for OpenLDAP. I set precise and
complex ACLs. 

My question is: is it possible, starting from user's credentials, to know
what s/he can do BEFORE s/he try to do anything ? With openLdap clients or
what ever ?

The problem arises because i need to generate interfaces that allow the user
to perform exactly the actions s/he is allowed to do.
I know that i could do the job by looking for the group the user belongs to,
but accessing the ACLs would be a more straight way.

Any Idea ??