This may also be prevented in the DeafultAuthorizationService for those who do not use ACI based Authorization.
WDYT? On 10/2/07, Emmanuel Lecharny <[EMAIL PROTECTED]> wrote: > > Yes, this is not an issue, as stated in the JIRA, it's pretty much > more a feature we don't have natively, as we don't have the ACI in the > core server. > > The idea is to write this ACI, and to deliver it as a defautt. We also > need some documentation about it. > > This is the reason it's in our roadmap. > > On 10/2/07, Ersin Er <[EMAIL PROTECTED]> wrote: > > Hi all, > > > > There is an issue in the roadmap with the explanation "make sure > > userPassword cannot be searched". As far as I know this is a bug > > (https://issues.apache.org/jira/browse/DIRSERVER-997 ) and > > is also special case of another bug > > (https://issues.apache.org/jira/browse/DIRSERVER-955). AS > > soon as we fix DIRSERVER-955 this problem will also be gone. However, if > > we're talking controlling this in the DefaultAuthorizationService then > it's > > ok as a new issue and it's easy to fix. > > > > Anything else I am missing? > > > > Thanks. > > > > -- > > Ersin Er > > http://www.ersin-er.name > > > -- > Regards, > Cordialement, > Emmanuel Lécharny > www.iktek.com > -- Ersin Er http://www.ersin-er.name
