www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chris <ch...@ia.gov>
Subject Re: LDAP - Next Steps
Date Thu, 28 May 2009 01:22:15 GMT

> That defeats people who don't want to open a web browser to change a
> password... Also the Auth file is not supposed to stay around for
> ever, as soon as the LDAP server is proven to be stable.

Hi  Emmanuel,

It's not quite dead but the hope is that it will be dynamically built.  
We have some scripts that produce it from an asf-authz-template that
will live in SVN where asf-authz once was.  The template has everything
but the group members in it.  In place of those groups are the names of
the groups as stored in ldap eg. {ldap:committers}  The script reads the
template, expands the groups from ldap, and writes out the asf-authz
file.  It does this anytime the template is modified, or a change is
made to a group that it cares about within ldap.  The list of group its
cares about it determined from the template. 

Sound good?


View raw message