From dev-return-21794-apmail-directory-dev-archive=directory.apache.org@directory.apache.org Tue Oct 02 05:57:30 2007 Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 21132 invoked from network); 2 Oct 2007 05:57:28 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 2 Oct 2007 05:57:28 -0000 Received: (qmail 70863 invoked by uid 500); 2 Oct 2007 05:57:17 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 70812 invoked by uid 500); 2 Oct 2007 05:57:17 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 70801 invoked by uid 99); 2 Oct 2007 05:57:17 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Oct 2007 22:57:17 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of ersin.er@gmail.com designates 209.85.134.184 as permitted sender) Received: from [209.85.134.184] (HELO mu-out-0910.google.com) (209.85.134.184) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Oct 2007 05:57:17 +0000 Received: by mu-out-0910.google.com with SMTP id i2so5874890mue for ; Mon, 01 Oct 2007 22:56:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=Usp7mY4CNmQghD4YbxQYpu1c97wnq7ShHhzH07zIDJQ=; b=OA2bm/xYXxrei6k7goqkVK4edVCD0PpZMKCYQxQ6b/8BIb8zP33ZDcDEs0/Rjn4P1QQ8rXcoX7oVQk72Pveuy1JPPktNbvD6k+uG+ubRGu02XI6jGzwK2T86rGshR4OL3uT/7AmstY8+LQTkxs2ZO/Rj6HkJrPEg6a8u7MyPt8Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=RplCqXkeDzRFRc62fhwx2Oplvm4ArZG5oRNWUQfvNlW1OA9pwMvVtAULzkpLRGjZdIZp3vN1/ttXkjVtON8A/rtXnH6yiVgyQQcT7rced7pV5uPlAz1kHTaZ3PPTHq8or91c/Ox+PMgYuAu3QzLNHp5SZYwOiqPfHLniDoDUMGI= Received: by 10.78.201.2 with SMTP id y2mr3751211huf.1191304615888; Mon, 01 Oct 2007 22:56:55 -0700 (PDT) Received: by 10.78.180.8 with HTTP; Mon, 1 Oct 2007 22:56:55 -0700 (PDT) Message-ID: Date: Tue, 2 Oct 2007 08:56:55 +0300 From: "Ersin Er" To: "Apache Directory Developers List" Subject: [2.0 Roadmap] What is intended with "make sure userPassword cannot be searched" issue? MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_18363_25769381.1191304615880" X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_18363_25769381.1191304615880 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi all, There is an issue in the roadmap with the explanation "make sure userPassword cannot be searched". As far as I know this is a bug ( https://issues.apache.org/jira/browse/DIRSERVER-997) and is also special case of another bug (https://issues.apache.org/jira/browse/DIRSERVER-955). AS soon as we fix DIRSERVER-955 this problem will also be gone. However, if we're talking controlling this in the DefaultAuthorizationService then it's ok as a new issue and it's easy to fix. Anything else I am missing? Thanks. -- Ersin Er http://www.ersin-er.name ------=_Part_18363_25769381.1191304615880 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi all,

There is an issue in the roadmap with the explanation "make sure userPassword cannot be searched". As far as I know this is a bug (https://issues.apache.org/jira/browse/DIRSERVER-997 ) and is also special case of another bug (https://issues.apache.org/jira/browse/DIRSERVER-955). AS soon as we fix DIRSERVER-955 this problem will also be gone. However, if we're talking controlling this in the DefaultAuthorizationService then it's ok as a new issue and it's easy to fix.

Anything else I am missing?

Thanks.

--
Ersin Er
http://www.ersin-er.name ------=_Part_18363_25769381.1191304615880--