[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access control by attribute value of bound user?

Thank you both for your answers!

I didn't expect that "sets" was the solution to allowing access to users
with a specific attribute value in their entry.

In my particular case I wanted to allow access only by users with their
attribute "transactionCenterRole" set to "admin". Here is the actual
statement that got me what I want:

access to filter=(objectClass=transactionCenterUser)
	by set="user/transactionCenterRole & [admin]" write
	by * read

Vladimir -- Vladimir Dzhuvinov * www.valan.net * PGP key ID AC9A5C6C

Attachment: signature.asc
Description: OpenPGP digital signature