mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

some notes on access required by proxyAuthz control;

Browse Source 
note that other controls may need different access
privileges via, e.g., backend_attribute() (syncrepl?)
This commit is contained in:
Pierangelo Masarati 2003-12-18 00:27:01 +00:00
parent 0752b23e13
commit ca52621c1b
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
doc/man/man5/slapd.access.5
View File

@ -584,6 +584,25 @@ access to the attribute holding the referral information
(generally the (generally the
.B ref .B ref
attribute). attribute).
.LP
Some
.B controls
require specific access privileges.
The
.B proxyAuthz
control requires
.B auth (=x)
privileges on all the attributes that are present in the search filter
of the URI regexp maps (the right-hand side of the
.B sasl-regexp
directives).
It also requires
.B auth (=x)
privileges on the
.B saslAuthzTo
attribute of the authorizing identity and/or on the
.B saslAuthzFrom
attribute of the authorized identity.
.SH CAVEATS .SH CAVEATS
It is strongly recommended to explicitly use the most appropriate It is strongly recommended to explicitly use the most appropriate
.BR <dnstyle> , .BR <dnstyle> ,