Hi guys, as I was trying to evaluate a JIRA (https://issues.apache.org/jira/browse/DIRSERVER-997), I tried to implement a solution based on ACI. I failed...
This part of the code needs a serious review. Not that it's buggy, to some extent, it works, but it's extremly difficult to know what's going on when we process an operation, as we don't have log. I'm afraid that we may want to postpone this to 2.0-RC2, or worse, to 2.1. This is one part of the code I haven't looked yet (one of the last one, with the Triggers and SP, I guess :) so I may be totally off base, but I don't feel ready to provide any help to any user if we release the server with this good feature. In my opinion, 2.1 is good enough for such an important feature : if users are aware that fine grained protection is not yet ready, they can make a sane choice, instead of believing that we do offer a working authorization system. I seriously don't think that we can update the doc, fix the code, and learn how to us it, in less than one month anyway. Is it just me ? Any thought ? -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
