From 5e4ad386b7091fa5ee4ecbc33182a5493ab14177 Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Sat, 21 Jul 2007 00:56:42 +0000
Subject: [PATCH] Add the new ACI keyword  "targetcontrol"  that can be used to enforce access based on the OID of a control. For example, a new global access control rule is also being added: 

---
 opendj-sdk/opends/resource/config/config.ldif |   14 ++------------
 1 files changed, 2 insertions(+), 12 deletions(-)

diff --git a/opendj-sdk/opends/resource/config/config.ldif b/opendj-sdk/opends/resource/config/config.ldif
index 898737d..b15bd6a 100644
--- a/opendj-sdk/opends/resource/config/config.ldif
+++ b/opendj-sdk/opends/resource/config/config.ldif
@@ -51,6 +51,8 @@
 objectClass: top
 objectClass: ds-cfg-access-control-handler
 objectClass: ds-cfg-dseecompat-access-control-handler
+ds-cfg-global-aci: (targetcontrol="2.16.840.1.113730.3.4.2 || 2.16.840.1.113730.3.4.17 || 2.16.840.1.113730.3.4.19 || 1.3.6.1.4.1.4203.1.10.2") (version 3.0; acl "Anonymous control access"; allow(read) userdn="ldap:///anyone";)
+ds-cfg-global-aci: (targetcontrol="*") (version 3.0; acl "control"; allow(read) userdn="ldap:///anyone";)
 ds-cfg-global-aci: (targetattr!="userPassword||authPassword")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";)
 ds-cfg-global-aci: (targetattr="*")(version 3.0; acl "Self entry modification"; allow (write) userdn="ldap:///self";)
 ds-cfg-global-aci: (target="ldap:///cn=schema")(targetscope="base")(targetattr="attributeTypes||dITContentRules||dITStructureRules||ldapSyntaxes||matchingRules||matchingRuleUse||nameForms||objectClasses")(version 3.0; acl "User-Visible Schema Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";)
@@ -95,19 +97,7 @@
 objectClass: ds-cfg-alert-handler
 cn: JMX Alert Handler
 ds-cfg-alert-handler-class: org.opends.server.extensions.JMXAlertHandler
-ds-cfg-alert-handler-enabled: true
-
-dn: cn=SMTP Alert Handler,cn=Alert Handlers,cn=config
-objectClass: top
-objectClass: ds-cfg-alert-handler
-objectClass: ds-cfg-smtp-alert-handler
-cn: JMX Alert Handler
-ds-cfg-alert-handler-class: org.opends.server.extensions.SMTPAlertHandler
 ds-cfg-alert-handler-enabled: false
-ds-cfg-sender-address: opends-alerts@example.com
-ds-cfg-recipient-address: directory-administrators@example.com
-ds-cfg-message-subject: OpenDS Alert %%alert-type%%
-ds-cfg-message-body: Alert Type:  %%alert-type%%\n\nAlert ID:  %%alert-id%%\n\nAlert Message:  %%alert-message%%
 
 dn: cn=Backends,cn=config
 objectClass: top

--
Gitblit v1.10.0