You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by Alex Karasulu <ao...@bellsouth.net> on 2005/10/07 00:40:05 UTC

[ApacheDS] Interpretting AuthenticationLevel in ACIItem

I had made a presumption about how this works but want to make sure:

Does an ACIItem granting some permissions based on the 
AuthenticationLevel of none automatically grant these permissions to 
users with an AuthenticationLevel of simple, and strong?

Is this assumption correct?

Alex

Re: [ApacheDS] Interpretting AuthenticationLevel in ACIItem

Posted by Trustin Lee <tr...@gmail.com>.

2005/10/7, Alex Karasulu <ao...@bellsouth.net>:
>
> I had made a presumption about how this works but want to make sure:
>
> Does an ACIItem granting some permissions based on the
> AuthenticationLevel of none automatically grant these permissions to
> users with an AuthenticationLevel of simple, and strong?
>
> Is this assumption correct?


The AuthenticationLevel of a user is related with RelatedUserClassFilter:

* If the ACITuple is a grant, all tuples whose authLevel is greater than
user's one will be discarded
* If the ACITuple is a denial, all tuples which are not related and whose
authLevel is not greater than user's one will be discarded.

Trustin
--
what we call human nature is actually human habit
--
http://gleamynode.net/