directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Karasulu (JIRA)" <directory-...@incubator.apache.org>
Subject [jira] Assigned: (DIRLDAP-62) [ACIITemParser] Position of terms in optional ASN.1 elements should not matter
Date Wed, 19 Oct 2005 01:47:46 GMT
     [ http://issues.apache.org/jira/browse/DIRLDAP-62?page=all ]

Alex Karasulu reassigned DIRLDAP-62:
------------------------------------

    Assign To: Ersin Er

Perhaps Ersin you can provide an assessment of how much an effort it would be to not have
position factor into the terms of the ACI.  Or perhaps it might not be a good idea to do this
so let me know WYT.  Thanks.

> [ACIITemParser] Position of terms in optional ASN.1 elements should not matter
> ------------------------------------------------------------------------------
>
>          Key: DIRLDAP-62
>          URL: http://issues.apache.org/jira/browse/DIRLDAP-62
>      Project: Directory LDAP
>         Type: Improvement
>   Components: Common
>     Reporter: Alex Karasulu
>     Assignee: Ersin Er

>
> The position of optional elements is relavent within the ACIItemParser.  For example
for ProtectedItems the position of optional elements are relevant so for example the following
ACI whould bomb out:
>                 "{ " +
>                 "identificationTag \"searchAci\", " +
>                 "precedence 14, " +
>                 "authenticationLevel none, " +
>                 "itemOrUserFirst userFirst: { " +
>                 "userClasses { allUsers }, " +
>                 "userPermissions { { " +
>                 "protectedItems {allUserAttributeTypesAndValues, entry }, " +
>                 "grantsAndDenials { grantRead, grantReturnDN, grantBrowse } } } } }"

> This however would succeed:
>                 "{ " +
>                 "identificationTag \"searchAci\", " +
>                 "precedence 14, " +
>                 "authenticationLevel none, " +
>                 "itemOrUserFirst userFirst: { " +
>                 "userClasses { allUsers }, " +
>                 "userPermissions { { " +
>                 "protectedItems {entry, allUserAttributeTypesAndValues }, " +
>                 "grantsAndDenials { grantRead, grantReturnDN, grantBrowse } } } } }"

> The same holds for other constructs where a sequence of optional elements are expected.
 However this is a big problem.  The user specifying the ACI must know what comes first, what
comes second and so on in the ASN.1 description.  This is just too strict of a constraint
to place on users and will degrade the ease of use.  
> Really because we have names for each field order does not need to matter anymore.  
> I marked this as an improvement as opposed to a bug because the ASN.1 to ABNF translation
was correct.  It just is not the best thing to do.  
>  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message