[Freeipa-devel] URI in HBAC - design page
Petr Vobornik
pvoborni at redhat.com
Wed Mar 23 17:39:45 UTC 2016
On 03/23/2016 04:41 PM, Lukáš Hellebrandt wrote:
> I created a design page for the feature:
>
> http://www.freeipa.org/page/URI-based-HBAC-design
>
>
1. The design page doesn't mention if mod_authnz_pam will be extended or
some new 'pam_sss' Apache module will be created. Or is it actually
mod_hbacauthz_pam as said in 'how to test'?
2. "in some location in Apache" is vague
3. If it is a conceptual design than OK but in final following needs to
be specified:
- which LDAP object class is extended with what attribute
- which IPA object is extended with what param
- what API methods are affected
- how will CLI options look
4. what regular expression dialect will be used?
--
Petr Vobornik
More information about the Freeipa-devel
mailing list