[Date Prev][Date Next] [Chronological] [Thread] [Top]

Access control by encryption level?



Can I restrict access to an attribute by whether I have an SSL secured connection or not?

something like:

access to userPassword
	by self write if SSL
	by anonymous auth
	by dn="cn=administrator,dc=myorg,dc=com" if SSL
	by * none
	

The idea is to restrict access to that attribute unless the user is using an SSL connection (it doesn't matter to me whether it is a StartTLS, or if the user contacted LDAPS:

I thought I saw something like this on the mailing list, but couldn't find it again.

Muchas Gracias.