[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL access control flux; CONTINUE

To: openldap-software <openldap-software@OpenLDAP.org>
Subject: ACL access control flux; CONTINUE
From: Forrest Gump <forrest1777@yahoo.com.br>
Date: Mon, 3 Jul 2006 15:47:49 -0300 (ART)
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.br; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=f9QHtJN/nI5UmO4XKSrsUPP52w4Uzqf97//ec7qCTi34iW+X6Mr66t4f2KaFl/7Zs4tSCIY1ekAb7G2ZpuR9YVIFCAaDscOFxC0mcxUhGhlaFZb4VHg08kDoP1c8SsTcPR6Nl18voEqcDajtCXDZ17R9oPcN7GNg2zh8UkrVDKE= ;

Hi felows!!!
 
 I have a little doubt about how the ACL works with the flux control CONTINUE.
 I mean... the BREAK junps to the next matched clausule, and CONTINUE?
 to the next matched BY?? or just to the next??
 
 An example:
 
 access to dn.subtree="dc=br"
         by dn.subtree="ou=house,dc=br" read continue
         by dn.base="uid=houseAdmin,ou=house,dc=br" write
 
 Let me explain what happens here: every object below "ou=house,dc=br" get mached when the first BY directive is checked and is granted the READ right, but because the flux control CONTINUE, will every object be allowed to WRITE on "dc=br" subtree?? or only "uid=houseAdmin,ou=house,dc=br"??
 
 thx for helping!
 
 		
---------------------------------
 Abra sua conta no Yahoo! Mail - 1GB de espaço, alertas de e-mail no celular e anti-spam realmente eficaz.

Follow-Ups:
- Re: ACL access control flux; CONTINUE
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RE: Configure options for portable install
Next by Date: Re: ACL access control flux; CONTINUE
Index(es):
- Chronological
- Thread