directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny" <elecha...@gmail.com>
Subject Re: [2.0 Roadmap] What is intended with "make sure userPassword cannot be searched" issue?
Date Tue, 02 Oct 2007 08:17:34 GMT
This is another idea. At least, this woould be faster than leveraging
some ACI, but I think that ACI is a better idea (you may authorize
some admin to search for password, for instance).

On 10/2/07, Ersin Er <ersin.er@gmail.com> wrote:
> This may also be prevented in the DeafultAuthorizationService for those who
> do not use ACI based Authorization.
>
> WDYT?
>
>
> On 10/2/07, Emmanuel Lecharny <elecharny@gmail.com> wrote:
> > Yes, this is not an issue, as stated in the JIRA, it's pretty much
> > more a feature we don't have natively, as we don't have the ACI in the
> > core server.
> >
> > The idea is to write this ACI, and to deliver it as a defautt. We also
> > need some documentation about it.
> >
> > This is the reason it's in our roadmap.
> >
> > On 10/2/07, Ersin Er <ersin.er@gmail.com> wrote:
> > > Hi all,
> > >
> > > There is an issue in the roadmap with the explanation "make sure
> > > userPassword cannot be searched". As far as I know this is a bug
> > > (https://issues.apache.org/jira/browse/DIRSERVER-997 )
> and
> > > is also special case of another bug
> > > (https://issues.apache.org/jira/browse/DIRSERVER-955).
> AS
> > > soon as we fix DIRSERVER-955 this problem will also be gone. However, if
> > > we're talking controlling this in the DefaultAuthorizationService then
> it's
> > > ok as a new issue and it's easy to fix.
> > >
> > > Anything else I am missing?
> > >
> > > Thanks.
> > >
> > > --
> > > Ersin Er
> > > http://www.ersin-er.name
> >
> >
> > --
> > Regards,
> > Cordialement,
> > Emmanuel L├ęcharny
> > www.iktek.com
> >
>
>
>
> --
>
> Ersin Er
>  http://www.ersin-er.name


-- 
Regards,
Cordialement,
Emmanuel L├ęcharny
www.iktek.com

Mime
View raw message