I'm trying to select a backend (ldap proxy) according to the the content of a search filter. I've configured something like this prior to any backend definitions:
rwm-rewriteContext bindDN rwm-rewriteRule ".*" "${&&bindprefix("")}$0" ":" rwm-rewriteRule "cn=([shaum])_(.+)" "${&&bindprefix($1)}cn=$2" ":"
rwm-rewriteContext searchFilter rwm-rewriteRule ".*" "${&&filterprefix("")}$0" ":" rwm-rewriteRule "(.*)cn=([shaum])_(.+)" "${&&filterprefix($2)}$1cn=$3" ":"
# Using this expression below breaks things. I'm guessing the searchDN # context gets processed before searchFilter, so ${**filterprefix} is # undefined. # "${**bindprefix}${**filterprefix}<>${&prefix($1)}"
rwm-rewriteContext searchDN rwm-rewriteRule "(.*)o=fc" "${**bindprefix}<>${&prefix($1)}" <=== replace w/ above ":I" rwm-rewriteRule "s{1,2}<>$" "${*prefix}o=backa" ":@I" rwm-rewriteRule "h{1,2}<>$" "${*prefix}o=backb" ":@I" etc...
Does searchDN get processed before searchFilter? Is there a way around that? Is there a better way to do this? The basic concept seems to work fine w/ bindDN, but not searchFilter.
I'm using OpenLDAP 2.4.8
TIA.