[Date Prev][Date Next] [Chronological] [Thread] [Top]

Group ACLs and indirection

To: OpenLDAP Software List <openldap-software@OpenLDAP.org>
Subject: Group ACLs and indirection
From: Simon Wilkinson <simon@sxw.org.uk>
Date: Wed, 9 Apr 2008 21:47:52 +0100

Hi,

Just wondering, before I go and delve into the code, whether there was a way of doing group based ACLs in the same way as dnattr allows indirection on the user DN.

Essentially, I'd like an object to contain an attribute holding the DN of the group permitted to access that object, and then be able to do access control based on the user being a member of the group pointed to by that DN.

I can find an email from Kurt in 1999, suggesting a groupattr directive be implemented, and welcoming contributions. Would a contribution of this still be welcomed 9 years later?

Cheers,

Simon.

Follow-Ups:
- Re: Group ACLs and indirection
  - From: Aaron Richton <richton@nbcs.rutgers.edu>

Prev by Date: Re: Problem with back-ldap and slapo-rwn
Next by Date: error while adding entry using ldap.jar JAVA API
Index(es):
- Chronological
- Thread