[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problem with acl and wildcard

--On Monday, March 22, 2004 9:31 AM +0100 François Beretti <francois.beretti@enatel.com> wrote:

Hello all

I have a problem writing acl

I want all the users to have write access to entries implementing any
objectclass prefixed by a given string

So I wrote these acls :

access to *
    by self write
    by anonymous auth

Add a "by * break" after this point. OpenLDAP evaluates as far as the first ACL to govern permission to what you are requesting (and "*" governs everything!), and stops, unless you have a break statement.


Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html