[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Record Locking Proposal
Jim C wrote:
What about creating a semaphore objectclass?
...
know how we can grant access to "all" if the value is blank or if it is
set to a specific value?
I think I can answer this one also now. When one designs one's scripts,
one simply makes sure that they agree on what the "blank" dn is. You
use that dn to attempt a modify and if it fails you don't get access or
you write in a loop that waits x number of seconds between retries etc.
Hm.... no wait. maybe we don't even need a changeable dn...
Let's say that per S.O.P. we are keeping the value of the next available
uidNumber in the database. Let's say in dn=proxyuser,dc=example,dc=net.
When we do our modify, we maybe can protect against having had the value
already changed by specifying the retrieved value in the dn for the modify.
/*
Note: This example is in PHP.
Previous search for uidNumber places value in a variable called $number
*/
$booleantest=ldap_mod_replace($ds,"uidNumber=$number,cn=proxyuser,dc=microverse,dc=net",
$changed_entry);
Assumeing that "uidNumber=$number,cn=proxyuser,dc=microverse,dc=net" is
proper syntax for an attribute's specific dn AND assumeing that dn
integrity is enforced by the database and not the function ( none which
I am sure of ), if uidNumber has been changed the above will fail and
$booleantest will be false!!
If this or something like it works, it will be a technique by which a
semantic synanym for semaphoric behaviour can be implemented over many
machines and by any language that can access LDAP. :):):):)