[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [LDAP-SOFTWARE] ACLand regex (matching self)

To: Ace Suares <ace@suares.nl>
Subject: Re: [LDAP-SOFTWARE] ACLand regex (matching self)
From: Ziya Suzen <ziya@ripe.net>
Date: Sun, 23 Feb 2003 10:43:39 +0100
Cc: OpenLDAP-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <200302230308.23541.ace@suares.nl>
References: <200302230308.23541.ace@suares.nl>
User-agent: Mutt/1.3.25i

On 2003-02-23 03:08:23 +0000, Ace Suares wrote:
> Hi all,
> 
> Is the following assertion wrong or right ?
> 
> 
> ---
> When having the follwing ACL:
> 
> access to user=(.*),cd=example,dc=com

access to dn="user=(.*),cd=example,dc=com"

> 	by self write
> 
> the DN:
> 
> user=JohnQ,cd=example,dc=com
> 
> will NOT match the 'by' clause, and the 'by' clause must be rewritten to:

Unless "user=JohnQ,cd=example,dc=com" is being effected and there
are no previous access directives matching.

> 
> 	by dn="user=$1,cd=example,cd=com" write

This looks fine but it would have the same effect I guess.

What exactly are you trying to achive here?

Ziya.

> ---
> 
> TIA,
> Ace
>

Follow-Ups:
- Re: [LDAP-SOFTWARE] ACLand regex (matching self)
  - From: Ace Suares <ace@suares.nl>

References:
- ACLand regex (matching self)
  - From: Ace Suares <ace@suares.nl> (by way of Ace Suares <ace@suares.nl>)

Prev by Date: problems with slapindex
Next by Date: Re: ACLand regex (matching self)
Index(es):
- Chronological
- Thread