From d428f48a4cf79de5e3f7cbc38a2c1af7a0b80e4f Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Sat, 21 Jul 2007 00:56:42 +0000
Subject: [PATCH] Add the new ACI keyword  "targetcontrol"  that can be used to enforce access based on the OID of a control. For example, a new global access control rule is also being added: 

---
 opends/src/server/org/opends/server/messages/CoreMessages.java |   14 +++++++-------
 1 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/opends/src/server/org/opends/server/messages/CoreMessages.java b/opends/src/server/org/opends/server/messages/CoreMessages.java
index 1c0331c..aa3b15f 100644
--- a/opends/src/server/org/opends/server/messages/CoreMessages.java
+++ b/opends/src/server/org/opends/server/messages/CoreMessages.java
@@ -6084,13 +6084,12 @@
 
 
   /**
-   * The message ID for the message that will be used if a search
-   * operation cannot be processed due to insufficient access rights caused
-   * by an access control check on the geteffectiverights control. This message
-   * takes a single argument, the name of the search operation's base entry.
+   * The message ID for the message that will be used if a request control
+   * cannot be used due to insufficient access rights. This message takes a
+   * single argument, which is the OID string of the control being used.
    */
   public static final
-  int MSGID_SEARCH_EFFECTIVERIGHTS_INSUFFICIENT_ACCESS_RIGHTS =
+  int MSGID_CONTROL_INSUFFICIENT_ACCESS_RIGHTS =
     CATEGORY_MASK_CORE | SEVERITY_MASK_SEVERE_ERROR | 611;
 
 
@@ -8348,8 +8347,9 @@
         "The entry %s cannot be modified due to insufficient access rights");
     registerMessage(MSGID_SEARCH_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS,
         "The entry %s cannot be searched due to insufficient access rights");
-    registerMessage(MSGID_SEARCH_EFFECTIVERIGHTS_INSUFFICIENT_ACCESS_RIGHTS,
-        "The entry %s cannot be searched due to insufficient access rights");
+    registerMessage(MSGID_CONTROL_INSUFFICIENT_ACCESS_RIGHTS,
+        "The request control with Object Identifier (OID) \"%s\" cannot be" +
+        " used due to insufficient access rights");
     registerMessage(MSGID_BIND_OPERATION_INSECURE_SIMPLE_BIND,
                     "Rejecting a simple bind request for user %s because the " +
                     "password policy requires secure authentication");

--
Gitblit v1.10.0