[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access per Attribute Definition based on ACL

Gary C. New wrote:

Is it possible to construct an ACL to allow/disallow a specific attribute from being access by another user based on a subsequent attribute in the same entry?



Views Entry

postalAddress: 12 Sampson St
hidePostalAddress: TRUE

ACL prevents David from viewing Sam's postalAddress.

access to dn.exact="cn=sam,dc=example,dc=net" filter="(hidePostalAddress=TRUE)" attrs=postalAddress
by dn.exact="cn=david,dc=example,dc=net" none

replace dn.exact=pattern with the most appropriate style and pattern and here is the trick.


SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497