[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: order of rewrite context processing
2008-03-17_16:40:26-0400 Ron Peterson <rpeterso@MtHolyoke.edu>:
> Does searchDN get processed before searchFilter? Is there a way around
> that? Is there a better way to do this? The basic concept seems to
> work fine w/ bindDN, but not searchFilter.
I guess I'm back to my original question. Below, I'm simply hardcoding
the value of ${**case}, and otherwise leaving the searchFilter or bindDN
string alone. If I uncomment my searchFilter rule as below, I get a
'searchDN massage error'. I don't have any searchDN rules anywhere
else. If I comment my searchFilter rule, and uncomment my bindDN rule,
it works fine. OpenLDAP 2.4.8.
________________________________________________________________________
# Global rewrite rules, before any backend definitions
overlay rwm
rwm-rewriteEngine on
# This does not work
rwm-rewriteContext searchFilter
rwm-rewriteRule ".*"
"${&&case(m)}$0"
":"
# This works
# rwm-rewriteContext bindDN
# rwm-rewriteRule ".*"
# "${&&case(m)}$0"
# ":"
rwm-rewriteContext searchDN
rwm-rewriteRule "(.*)o=fc"
"${**case}<>${&prefix($1)}"
":"
rwm-rewriteRule "m{1,2}<>$"
"${*prefix}o=m"
":@"
rwm-rewriteRule ".*<>$"
"${*prefix}o=default"
":"
________________________________________________________________________
1304# ldapsearch -x -W -D "cn=username,o=m" -b "o=fc" '(cn=somebody)'
Enter LDAP Password: xxxxx
# extended LDIF
#
# LDAPv3
# base <o=fc> with scope subtree
# filter: (cn=somebody)
# requesting: ALL
#
# search result
search: 2
result: 80 Other (e.g., implementation specific) error
text: searchDN massage error
--
Ron Peterson
Network & Systems Manager
Mount Holyoke College