[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL performance again

To: Stephan Siano <stephan.siano@suse.de>
Subject: Re: ACL performance again
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Fri, 04 Jan 2002 10:40:12 -0800
Cc: "openldap-devel" <openldap-devel@OpenLDAP.org>
In-reply-to: <5.1.0.14.0.20020104085333.0175ab30@127.0.0.1>
References: <5.1.0.14.0.20020104083410.0174eb40@127.0.0.1> <20020104160842.738EBF900@susefra1.fra.suse.de>

At 08:57 AM 2002-01-04, Kurt D. Zeilenga wrote:
>I should clarify:   For the most part OpenLDAP ACM granularity
>is attribute level.  But, due to certain directives, the
>granularity must be treated as if it where value granularity.
>If these directives are not in use, then the granularity is
>attribute level.

In looking at the code, there is normally a call to
access_allow() for the target without any values followed
by one call to access_allow for the target with each value.

One could pass out a from the first call the pointer to the
first ACL which is value specific.  If this pointer was
NULL, then the access_allow() result for the target without
any values would be applied to targets regardless of the
value.  If non-NULL, the pointer would be provided on the
each per value call and used to jump start processing.

Kurt

Follow-Ups:
- Re: ACL performance again
  - From: Stephan Siano <stephan.siano@suse.de>

References:
- Re: ACL performance again
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- ACL performance again
  - From: Stephan Siano <stephan.siano@suse.de>
- Re: ACL performance again
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: ACL performance again
Next by Date: patches for OPENLDAP_REL_ENG_2
Index(es):
- Chronological
- Thread