[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Regex access problem in slapd.conf

fre, 2003-01-03 kl. 14:53 skrev Tony Earnshaw:

> fre, 2003-01-03 kl. 11:32 skrev Paul Wilson:
> I'm sure many others will reply, but as far as I can see from slapd.conf
> and the debug output, you are trying to equate uid with cn. They aren't
> the same.
> The regex stuff works perfectly for me with 2.1.5 to 2.1.10, but it is
> advisable to be consequent ...

> access to * by dn="uid=(.*),ou=Users,o=ORG,c=US"
> group="cn=$1,ou=Users,o=ORG,c=US" write by
> dn="uid=Manager,ou=Users,o=ORG,c=US" write by anonymous auth
> The problem that I am having is that the $1 variable is not being
> populated.  As I understand regular expressions, the (.*) should match
> on any pattern.

Hmmm ... looking at it again, the slapd.conf syntax isn't Kosher,

access to dn="cn=([^,]+),ou=Users,o=ORG,c=US"
  by anonymous auth
  by dn="cn=$1,ou=Users,o=ORG,c=US" read (i.e. "by self read")
  by group="cn=Managers,ou=Users,o=ORG,c=US" write
  by * none

The above is trash, I realize, but the syntax is o.k. as an example.

The indents and paraphrazing are important - don't put comments (like I
have done) or newlines or anything else in your rules.




Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl