Subject: The mailing list for listmasters using Sympa
List archive
- From: Scott Balmos<address@concealed>
- To: address@concealed
- Subject: [sympa-users] Custom LDAP authorization scenario
- Date: Sat, 13 Nov 2004 06:10:02 +0100
Hi all,
I have a list set up to pull subscriber info from LDAP. Specifically, it is
set up through an include_ldap_2level_query paragraph. The first query
searches for three groupOfUniqueNames (normal list subscribers, a set of
temporary list subscribers, and list "observer" subscribers), while the
second query looks for the specific mail addresses and/or passwords for those
list members. E.g. filter1 is (&(objectClass=groupOfUniqueNames) (|
(cn=foo)(cn=footemp)(cn=fooobserve))
Now I am trying to write custom LDAP authorization scenario search filters
for the send action, in order to properly match incoming list emails. What I
want to do is to accept posts from normal and temporary subscribers, while
rejecting from the observers.
Here's what I think would be my scenario file, named
send.privatewithobservers:
search(subscribers.ldap, [sender]) smtp,smime,md5 -> do_it
search(temp-subscribers.ldap, [sender]) smtp,smime,md5 -> do_it
search(observers.ldap, [sender]) smtp,smime,md5 -> reject()
The problem I forsee comes in writing the LDAP named filter files. The LDAP
entry that defines a list, as above, is a groupOfUniqueNames, not email
addresses. How would I properly write the LDAP search filter in the named
query files to account for this?
Also, I would like it if these named filter files were not list specific, but
could have the listname embedded as a variable, like [sender]. So that
instead of installing these three filters into the list scenario directories
for each list, with hard-coded list names in the "cn" portion of the query, I
could do something like
(cn=[listname])(cn=[listname]temp)(cn=[listname]observe).
Finally, is there an SQL equivalent to LDAP named filters that can be used in
writing authorization scenarios?
Thanks!
--Scott
- [sympa-users] Custom LDAP authorization scenario, Scott Balmos, 11/13/2004
Archive powered by MHonArc 2.6.19+.