[Date Prev][Date Next] [Chronological] [Thread] [Top]

Help with regexp substring capturing in 'filter' ACL clause

To: openldap-software@OpenLDAP.org
Subject: Help with regexp substring capturing in 'filter' ACL clause
From: Victor Danilchenko <danilche@cs.umass.edu>
Date: Thu, 16 Sep 2004 10:18:26 -0400 (EDT)

	Hi,
	I am trying to write an access control stanza that would
generalize over multiple groups, to replace a set of specific ones, one
per group.

	Here is what I have been using so far (we use custom schema,
cscfPersonGroupDN is an attribute in it):

access to filter=(cscfPersonGroupDN=cn=somegroup,dc=example,dc=com) attr=uidNumber
       by self read
       by dn="cn=somegroup,dc=example,dc=com" read
       by * -w break

	and it works fine. However, I need one of these for each group.
I tried to replace it with something like:

access to filter=(cscfPersonGroupDN=cn=(.*),dc=example,dc=com) attr=uidNumber
       by self read
       by dn="cn=$1,dc=example,dc=com" read
       by * -w break

	and it doesn't work. Is there any way to do substring capture
within the 'filter' clause? Can anyone help me?

-- 
|  Victor  Danilchenko  | Don't criticize a man until you've walked |
| danilche@cs.umass.edu | a mile in his moccasins -- then you'll be |
|   CSCF   |   5-4231   | a mile away, and you will have his shoes. |

Follow-Ups:
- Re: Help with regexp substring capturing in 'filter' ACL clause
  - From: Dieter Kluenter <dieter@dkluenter.de>

Prev by Date: Newbie Question regarding Search API's
Next by Date: RE: Newbie Question regarding Search API's
Index(es):
- Chronological
- Thread