This is because the RootDSE is usually bare so applications can perform discovery but some servers might want to protect it. Know of any situation when the RootDSE could be hidden?
BTW we cannot apply ACI to the RootDSE until we make it so we have a root partition that can store subentry for the root AA with apex at the RootDSE. Alex On Mon, May 5, 2008 at 6:17 PM, Emmanuel Lecharny (JIRA) <[EMAIL PROTECTED]> wrote: > Access control don't apply to the rootDSE > ----------------------------------------- > > Key: DIRSERVER-1169 > URL: https://issues.apache.org/jira/browse/DIRSERVER-1169 > Project: Directory ApacheDS > Issue Type: Bug > Affects Versions: 1.5.2 > Reporter: Emmanuel Lecharny > Fix For: 1.5.3 > > > The getRootDSE operation ( a search operation done on a empty DN, with a > BASE_OBJECT scope and a (ObjectClass=*) filter) is not checked against the > ACIs, as the Authorization interceptor is not invoked. > > > > -- > This message is automatically generated by JIRA. > - > You can reply to this email to add a comment to the issue online. > >
