https://bugs.openldap.org/show_bug.cgi?id=9256
Karl O. Pinc kop@karlpinc.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #728 is|0 |1 obsolete| |
--- Comment #6 from Karl O. Pinc kop@karlpinc.com --- Created attachment 729 --> https://bugs.openldap.org/attachment.cgi?id=729&action=edit Version 3, using non-narrative, "minimal" text
Hi Ondřej,
It occurs to me that my patch has left out explicit documentation of the permissions required when authzFrom/authzTo contains a URI.
Submitting a new patch which fixes this. I believe the documentation is now explicit and complete.
I have also entirely removed the "look down there for SASL binding" sentence in the bind paragraph. This was possible because I moved the authz binding paragraph to just after the first bind paragraph to put all the bind related information together. This has the additional benefit of putting the paragraph on front-end search-related behavior next to the paragraph on back-end search.
I did add words, to be explicit, and say that binding requires "anonymous" to have the documented auth privileges, even though "anonymous" is explained above. This added only 4 words. Four words seems a small price to pay for having everything you need to know about binding in one place -- and the end result is still a smaller paragraph than that in the current docs.
This last patch is based on the the "minimal text" version I put forward in the comment in response to the initial patch review. If you want a longer, more narrative, text or if you think something important has been omitted or no longer being said please let me know what else you'd like included.
Thanks for the help.