Ron Peterson wrote:
I'm trying to select a backend (ldap proxy) according to the the content of a search filter. I've configured something like this prior to any backend definitions:
rwm-rewriteContext bindDN rwm-rewriteRule ".*" "${&&bindprefix("")}$0" ":" rwm-rewriteRule "cn=([shaum])_(.+)" "${&&bindprefix($1)}cn=$2" ":"
rwm-rewriteContext searchFilter rwm-rewriteRule ".*" "${&&filterprefix("")}$0" ":" rwm-rewriteRule "(.*)cn=([shaum])_(.+)" "${&&filterprefix($2)}$1cn=$3" ":"
# Using this expression below breaks things. I'm guessing the searchDN # context gets processed before searchFilter, so ${**filterprefix} is # undefined. # "${**bindprefix}${**filterprefix}<>${&prefix($1)}"
rwm-rewriteContext searchDN rwm-rewriteRule "(.*)o=fc" "${**bindprefix}<>${&prefix($1)}" <=== replace w/ above ":I" rwm-rewriteRule "s{1,2}<>$" "${*prefix}o=backa" ":@I" rwm-rewriteRule "h{1,2}<>$" "${*prefix}o=backb" ":@I" etc...
Does searchDN get processed before searchFilter? Is there a way around that? Is there a better way to do this? The basic concept seems to work fine w/ bindDN, but not searchFilter.
I'm using OpenLDAP 2.4.8
See http://www.openldap.org/lists/openldap-software/200712/msg00127.html. The only way around I see right now is either hack the code.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------