[
https://issues.apache.org/jira/browse/DIRSERVER-1844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17252089#comment-17252089
]
Ryan commented on DIRSERVER-1844:
---------------------------------
Continuing to look at (1), I am now thinking that we need a new 'attribute
type', 'comparator', and 'matching rule' to implement this. The reason being,
that when adding a memberOf clause, to the Search Request Filter, we need to
ignore this clause, until after we have computed it in the MemberOfInterceptor.
*I am kind of bouncing around looking at files in:
api-ldap-schema-data/src/main/resources/schema/ou=schema/cn=system/ou=[attributetypes,comparators,matchingrules,normalizers]
> Add support for memberOf virtual attribute
> ------------------------------------------
>
> Key: DIRSERVER-1844
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1844
> Project: Directory ApacheDS
> Issue Type: New Feature
> Components: ldap
> Affects Versions: 2.0.0.AM25
> Reporter: Jay Danielsen
> Priority: Major
> Attachments: MemberOfInterceptor.java,
> image-2020-12-14-16-37-20-443.png
>
>
> Several ldap servers support a reverse group membership lookup capability for
> access control.
> using the rfc4519 groupOfNames objectclass/member attribute, and/or
> groupOfUniqueNames objectclass/uniqueMember attribute.
> references:
> http://www.openldap.org/doc/admin24/overlays.html (Section 12.8. Reverse
> Group Membership Maintenance)
> http://opendj.forgerock.org/doc/admin-guide/index/chap-groups.html (Working
> with groups of entries)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
