[Date Prev][Date Next] [Chronological] [Thread] [Top]

order of rewrite context processing

I'm trying to select a backend (ldap proxy) according to the the content
of a search filter.  I've configured something like this prior to any
backend definitions:

rwm-rewriteContext  bindDN
rwm-rewriteRule     ".*"
rwm-rewriteRule     "cn=([shaum])_(.+)"

rwm-rewriteContext  searchFilter
rwm-rewriteRule     ".*"
rwm-rewriteRule     "(.*)cn=([shaum])_(.+)"

# Using this expression below breaks things.  I'm guessing the searchDN
# context gets processed before searchFilter, so ${**filterprefix} is
# undefined.
#                    "${**bindprefix}${**filterprefix}<>${&prefix($1)}"

rwm-rewriteContext  searchDN
rwm-rewriteRule     "(.*)o=fc"
                    "${**bindprefix}<>${&prefix($1)}" <=== replace w/ above
rwm-rewriteRule     "s{1,2}<>$"
rwm-rewriteRule     "h{1,2}<>$"

Does searchDN get processed before searchFilter?  Is there a way around
that?  Is there a better way to do this?  The basic concept seems to
work fine w/ bindDN, but not searchFilter.

I'm using OpenLDAP 2.4.8


Ron Peterson
Network & Systems Manager
Mount Holyoke College