[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Rename attribute before return

Howard Chu wrote:

Pierangelo Masarati wrote:

To answer Quanah's question, I think your ITS, as answered by Kurt, is now entirely fulfilled by 2.3 code, by using back-relay and slapo-rwm; the only thing it doesn't allow is to use the requested name instead of the canonical one, e.g. returning "userid" instead of "uid" when "userid" is requested (this was a long debated question; I see the issue and I agree with the common answer that the current behavior is preferable; for those that still wish this to be possible, the answer is that it cannot be done with an overlay, so there's very little chance that it will ever be possible with OpenLDAP, except by hacking the code).

Well, it can be done, but you need to duplicate each entry before being returned, and generate new AttributeDescriptions corresponding to the desired attributes...

I would do this way: in the frontend, since we're keeping the requested names in the array of AttributeName's, just use that value instead of AttributeDescription.ad_cname, if applicable. It implies some overhead, and may be unclean for other reasons (e.g. need to consider "*", "+", "@<objectClass>" and so), but it would do the trick. Unfortunately, there's no chance we can get to that point with any type of layer (overlays, slapi, whatever). Unless we consider the opportunity of having a layer __before__ decoding and __after__encoding. This would allow, for instance, to implement the non-standard, protocol-violating extension of ITS#3193 (ranges) without hacking the baseline code.


SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497