> Any reason why LDAP never defined application level subtree specification > mechanisms? Right now the subentry is used > with the a operational usage for the main subtreeSpecification attribute. > Also the base is AP position relative. Why not > have an application space specification and use that for dynamic grouping? > >
When it comes to a 'local' directory how is this different from having application specific attributes and ACLs that control who can see what? Oracle Virtual Directory has similar feature, but as a virtual directory it limits what 'adapters' can be accessed by a client connection. Since virtual directories often create application specific 'views' of data this feature makes it easier to use a single virtual directory for multiple applications. Maybe I don't understand your use case? Marc
