2008-03-17_16:40:26-0400 Ron Peterson rpeterso@MtHolyoke.edu:
Does searchDN get processed before searchFilter? Is there a way around that? Is there a better way to do this? The basic concept seems to work fine w/ bindDN, but not searchFilter.
I guess I'm back to my original question. Below, I'm simply hardcoding the value of ${**case}, and otherwise leaving the searchFilter or bindDN string alone. If I uncomment my searchFilter rule as below, I get a 'searchDN massage error'. I don't have any searchDN rules anywhere else. If I comment my searchFilter rule, and uncomment my bindDN rule, it works fine. OpenLDAP 2.4.8.
________________________________________________________________________ # Global rewrite rules, before any backend definitions overlay rwm rwm-rewriteEngine on
# This does not work rwm-rewriteContext searchFilter rwm-rewriteRule ".*" "${&&case(m)}$0" ":"
# This works # rwm-rewriteContext bindDN # rwm-rewriteRule ".*" # "${&&case(m)}$0" # ":"
rwm-rewriteContext searchDN rwm-rewriteRule "(.*)o=fc" "${**case}<>${&prefix($1)}" ":" rwm-rewriteRule "m{1,2}<>$" "${*prefix}o=m" ":@" rwm-rewriteRule ".*<>$" "${*prefix}o=default" ":"
________________________________________________________________________ 1304# ldapsearch -x -W -D "cn=username,o=m" -b "o=fc" '(cn=somebody)' Enter LDAP Password: xxxxx
# extended LDIF # # LDAPv3 # base <o=fc> with scope subtree # filter: (cn=somebody) # requesting: ALL #
# search result search: 2 result: 80 Other (e.g., implementation specific) error text: searchDN massage error