directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-1844) Add support for memberOf virtual attribute
Date Thu, 21 Jun 2018 17:17:00 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16519598#comment-16519598
] 

Emmanuel Lecharny commented on DIRSERVER-1844:
----------------------------------------------

It's not implemented. We have more urgent things to deal with.

Side note : memberOf is a hack, and I don't think it's a very valuable feature. It saves a
search, but the server has to pay the price for it :
* either you store the information in *each* entry and then doing a MODDN is potentially *very*
costly (we are talking about minutes of processing if there is a lot of such entries)
* or it's computed on the fly, and that mean an extra search is done internally.

Typically something that *seems* smart, but isn't.

> Add support for memberOf virtual attribute
> ------------------------------------------
>
>                 Key: DIRSERVER-1844
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1844
>             Project: Directory ApacheDS
>          Issue Type: New Feature
>            Reporter: Jay Danielsen
>            Priority: Major
>
> Several ldap servers support a reverse group membership lookup capability for access
control.
> using the rfc4519 groupOfNames objectclass/member attribute, and/or groupOfUniqueNames
objectclass/uniqueMember attribute.
> references:
> http://www.openldap.org/doc/admin24/overlays.html (Section 12.8. Reverse Group Membership
Maintenance)
> http://opendj.forgerock.org/doc/admin-guide/index/chap-groups.html (Working with groups
of entries)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message