At 04:32 AM 8/19/2005, Pierangelo Masarati wrote:
>Kurt D. Zeilenga wrote:
>
>>At 01:19 AM 8/19/2005, Pierangelo Masarati wrote:
>> 
>>
>>>Pierangelo Masarati wrote:
>>>
>>>   
>>>
>>>>Possible solution: we could define a "proxy-undefined" attribute type that 
>>>>is not dsaOperation, but noUserMod, and derive from that the undefined 
>>>>attributes resulting from proxying.
>>>>     
>>>The cleanest solution is to import the schema from the remote server.
>>>   
>>
>>I don't know if I'd call this a clean solution.  Dealing with
>>incomplete schema descriptions, unsupported/unknown matching rules
>>and the like would be quite messy and dirty.
>>
>>I rather just treat unknown stuff as some pass-through blob
>>(blob here imply that we would never do any matching against
>>the values (which may have impact in ACLs and elsewhere)).
>> 
>That's what I intend as doing some repairs.  The issue is that those 
>"repaired" attributes that end up in the "undef" category are marked 
>dsaOperation and as such don't get returned by the same search that would 
>return them on the remote server.

I have no problem with having a 'repaired' attribute type for
use here (using the undefined attribute elsewhere).

Likely the documentation should make some comment as to how
authorization to read repaired attributes is handled....

Kurt


>p.
>
>
>   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

Reply via email to