directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ersin Er (JIRA)" <directory-...@incubator.apache.org>
Subject [jira] Commented: (DIRLDAP-62) [ACIITemParser] Position of terms in optional ASN.1 elements should not matter
Date Wed, 19 Oct 2005 06:51:45 GMT
    [ http://issues.apache.org/jira/browse/DIRLDAP-62?page=comments#action_12332450 ] 

Ersin Er commented on DIRLDAP-62:
---------------------------------

It's really better to provide a more flexible grammar for the end user. As Emmanuel said,
this will also simplify the grammar for this case. For grammar parts that are composed of
optional elements, we'll need to check that each element is used only once and for the parts
that are composed of non-optional elements, we'll need to check that each element is exactly
used once. So what I think now is that it's not that hard to implement. I'll do it.

> [ACIITemParser] Position of terms in optional ASN.1 elements should not matter
> ------------------------------------------------------------------------------
>
>          Key: DIRLDAP-62
>          URL: http://issues.apache.org/jira/browse/DIRLDAP-62
>      Project: Directory LDAP
>         Type: Improvement
>   Components: Common
>     Reporter: Alex Karasulu
>     Assignee: Ersin Er

>
> The position of optional elements is relavent within the ACIItemParser.  For example
for ProtectedItems the position of optional elements are relevant so for example the following
ACI whould bomb out:
>                 "{ " +
>                 "identificationTag \"searchAci\", " +
>                 "precedence 14, " +
>                 "authenticationLevel none, " +
>                 "itemOrUserFirst userFirst: { " +
>                 "userClasses { allUsers }, " +
>                 "userPermissions { { " +
>                 "protectedItems {allUserAttributeTypesAndValues, entry }, " +
>                 "grantsAndDenials { grantRead, grantReturnDN, grantBrowse } } } } }"

> This however would succeed:
>                 "{ " +
>                 "identificationTag \"searchAci\", " +
>                 "precedence 14, " +
>                 "authenticationLevel none, " +
>                 "itemOrUserFirst userFirst: { " +
>                 "userClasses { allUsers }, " +
>                 "userPermissions { { " +
>                 "protectedItems {entry, allUserAttributeTypesAndValues }, " +
>                 "grantsAndDenials { grantRead, grantReturnDN, grantBrowse } } } } }"

> The same holds for other constructs where a sequence of optional elements are expected.
 However this is a big problem.  The user specifying the ACI must know what comes first, what
comes second and so on in the ASN.1 description.  This is just too strict of a constraint
to place on users and will degrade the ease of use.  
> Really because we have names for each field order does not need to matter anymore.  
> I marked this as an improvement as opposed to a bug because the ASN.1 to ABNF translation
was correct.  It just is not the best thing to do.  
>  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message