Hi Dieter !
Thanks for the fast answer. Still some doubts :-( (I included them below your answer)
[mailto:openldap-software-bounces+antonio.alonso=ericsson.com@
OpenLDAP.org] On Behalf Of Dieter Kluenter writes
Hi,
"Antonio Alonso" antonio.alonso@ericsson.com writes:
Hi !
We are interested in deploying an openLDAP-based directory supporting the assertions control extension as defined in RFC 4528.
According to
http://www.openldap.org/faq/data/cache/645.html (list
of LDAPv3 features/ extensions supported by the OpenLDAP server) openLDAP 2.3 already supports the assertion contol (we only need to use it in the LDAPModify operation) but I am not sure about the backends taking care of it (back-ndb and/or back-ldbm would
be ok for
us). Could any of you provide us this info? I was checking the mail archives, but I did not find the
answer ....
As this is a DSA operation no backend is envolved, just calling a modify operation according to RFC 4528 will be sufficient.
I am not sure to understand your answer. What do you mean with "DSA operation"? (I understnd DSA in the X.500 scope and in the related LDAP scope, but I do not see the relation with the "assertion control" defined in this RFC
NOTE: As I understand RFC 4528 it is needed to check an assertion condition (based on one or a set of attribute values stored in the involved entry) before performing the required LDAP operation ... so I presume that backend must be involved in the "assertion check" too as it is the one holding the attribute values associated to an entry ... so the received assertion condition must be passed (from the front-end side) to the backend being used together the LDAP data related to the requested operation (DN, attribute types involved, attribute values involved, etc.)
Sorry if I am forgetting/misundertsanding something ....
-Dieter
-- Dieter Klünter | Systemberatung http://www.dkluenter.de GPG Key ID:8EF7B6C6