acl + wildcard pattern user's
Hi, I have this context:
- I have a Sun1DirectoryServer 5.2 pth4 running
- I have a Sun1WebProxyServer 4.0.3 running on the same machine as the Directory
I have entries with the pattern "cn=httpProxy" in their DN, and other entries that do not have it.
I want to allow in the proxy server only entries with the pattern "cn=httpProxy",
so I have the following simple ACL (result of "# cat genwork.proxy-server1.acl")
Note: - entries are under the users group
- the comments are added
version 3.0;
acl "es-internal";
allow (read, execute, info) user = "anyone";
deny (list, write, delete) user = "anyone";
acl "ftp://.*";
deny absolute (all)
(user = "anyone");
acl "gopher://.*";
deny absolute (all)
(user = "anyone");
# these are the ACLs for the "entire server"
acl "default";
authenticate (user,group) {
database = "default";
method = "basic";
prompt = "Sun Java System Web Proxy Server";
};
deny (all)
(user = "anyone");
allow absolute (all)
(group = "users") and
(ip = "192.168.140.*");
# this is the ACL for "http://*"
acl "http://.*";
authenticate (user,group) {
database = "default";
method = "basic";
};
deny (all)
(user = "all");
allow absolute (all)
(user = "*httpProxy*") and
(ip = "192.168.140.*");
1) When I specify users, what part of the entry is matched?
2) I assume the answer to 1) is the DN, so with the last rule I allow only entries with httpProxy in their DN (I checked this wildcard pattern by making some files in the /tmp directory and viewing the result of the command "#ls /tmp *httpProxy*", and I think that's OK).
3) The requests to the proxy are denied. :(?$%&!
Thanks!!!! :)
Message edited by:
maximatt

