[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Question on '11.3.3.1. Notes on Proxy Authorization Rules'

To: "Patrick Ben Koetter" <p@state-of-mind.de>
Subject: Re: Question on '11.3.3.1. Notes on Proxy Authorization Rules'
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Sun, 2 Sep 2007 21:06:20 +0200 (CEST)
Cc: openldap-software@openldap.org
Importance: Normal
In-reply-to: <20070902172602.GA8596@state-of-mind.de>
References: <20070902172602.GA8596@state-of-mind.de>
User-agent: SquirrelMail/1.4.3a-1

> "11.3.3.1. Notes on Proxy Authorization Rules"
> <http://www.openldap.org/doc/admin23/sasl.html#SASL%20Proxy%20Authorization>
> notes the following example:
>
>     authzTo: uid=[^,]*,dc=example,dc=com
>
> Shouldn't that be:
>
>     authzTo: dn.regex:uid=[^,]*,dc=example,dc=com

Exactly.  Actually,

    authzTo: dn.regex:^uid=[^,]*,dc=example,dc=com$

would be even better.

p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------

References:
- Question on "11.3.3.1. Notes on Proxy Authorization Rules"
  - From: Patrick Ben Koetter <p@state-of-mind.de>

Prev by Date: Question on "11.3.3.1. Notes on Proxy Authorization Rules"
Next by Date: Re: High availability
Index(es):
- Chronological
- Thread