[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Automatic referral chasing

To: "Pierangelo Masarati" <ando@sys-net.it>
Subject: Re: Automatic referral chasing
From: "Gavin Henry" <ghenry@suretecsystems.com>
Date: Thu, 6 Sep 2007 21:09:08 +0100 (BST)
Cc: openldap-software@openldap.org, Jim Schultz <james.schultz@gwl.com>
Importance: Normal
In-reply-to: <46E05600.80909@sys-net.it>
Openpgp: id=796B1E87DB73BEA8
References: <46DCF836.3070403@tedata.net> <20070906155814.GA8537@is-triton.gwl.com> <46E02BE6.4070708@sys-net.it> <20070906175739.GA11145@is-triton.gwl.com> <46E0449B.5040807@sys-net.it> <49168.212.159.59.85.1189106615.squirrel@webmail.suretecsystems.com> <46E05600.80909@sys-net.it>
User-agent: SquirrelMail/1.4.10a-1.fc6

<quote who="Pierangelo Masarati">
> Gavin Henry wrote:
>
>>>> I will add the 'chain-return-error TRUE' as soon as it is available
>>>> in the current 2.3 'stable' release ;-)
>>> It's there since 2.3.33; only the man page slipped thru, sorry.
>>> Probably because man page updates were not considered a priority in
>>> re23
>>> as it's feature frozen, while this was indeed a new feature.
>>>
>>
>> Latest version of docs, with Jim's FAQ added:
>>
>>       http://suretec.org/our_docs/overlays.html#Chaining
>
> Thanks Gavin.  Quick note: probably in this case
> chain-idassert-authzFrom "*" is not appropriate, because the consumer
> should only return referrals on write, and the above statement would
> allow to chain anonymous modifications, which the provider will likely
> reject.  Although this does not break security or anything like that, it
> seems to add a needless round trip for a definitely incorrect operation,
> unless someone explicitly allows anonymous modifications.  I wouldn't
> put this in a (basic) example, though.

Removed and link above updated.

>
> p.
>
>
>
> Ing. Pierangelo Masarati
> OpenLDAP Core Team
>
> SysNet s.r.l.
> via Dossi, 8 - 27100 Pavia - ITALIA
> http://www.sys-net.it
> ---------------------------------------
> Office:  +39 02 23998309
> Mobile:  +39 333 4963172
> Email:   pierangelo.masarati@sys-net.it
> ---------------------------------------
>
>
>

Follow-Ups:
- Re: Automatic referral chasing
  - From: Pierangelo Masarati <ando@sys-net.it>

References:
- Automatic referral chasing
  - From: "Taymour A. El Erian" <taymour.elerian@tedata.net>
- Re: Automatic referral chasing
  - From: Jim Schultz <james.schultz@gwl.com>
- Re: Automatic referral chasing
  - From: Pierangelo Masarati <ando@sys-net.it>
- Re: Automatic referral chasing
  - From: Jim Schultz <james.schultz@gwl.com>
- Re: Automatic referral chasing
  - From: Pierangelo Masarati <ando@sys-net.it>
- Re: Automatic referral chasing
  - From: "Gavin Henry" <ghenry@suretecsystems.com>
- Re: Automatic referral chasing
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: Automatic referral chasing
Next by Date: Re: Automatic referral chasing
Index(es):
- Chronological
- Thread