O'Reilly logo

LDAP Programming with Java™ by Tony Dahbura, Rob Weltman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Setting Up an Access Control List

An entry may have no ACIs, one ACI, or many ACIs. ACIs allow or deny permissions to entries. When the directory server processes an incoming request for that entry, the server uses the ACIs for the entry to determine whether or not the LDAP client has permission to perform the requested operation.

An ACI on an entry affects all the entries in the directory tree that are beneath that entry. For example, an ACI on the o=airius.com entry in the sample directory provided on the CD-ROM that accompanies this book affects all entries under that entry, including ou=Groups, o=airius.com and uid=bjensen, ou=People, o=airius.com.

If one ACI allows access to an entry and another ACI denies access, the ACI that denies access ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required