[Date Prev][Date Next]
Re: Retrieving permissions from server
Lee Jensen wrote:
Is there a way that the client accessing the LDAP server can determine
what permissions it has on a given object? Is there a hidden system
attribute I can request or something?
It's much more complicated than that, you don't just have write access
to "entries" - ACLs define control down to individual attributes and
individual values of those attributes. As such, the access in effect for
a given write operation depends on the specifics of that write operation.
So for instance I bind to the server with a given dn and password and
then do a search request that returns several entries. How can I know
which if any of these entries I have say write access to without
attempting a write operation.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support