Forbidden Entry Property
In Directory Proxy Server 5, the ids-proxy-sch-ForbiddenEntryProperty object is used to specify a list of entries or attributes that are hidden from client applications. In Directory Proxy Server 6.2 this functionality is achieved by creating a search-data-hiding-rule for a request filtering policy.
In iPlanet Directory Access Router 5.0 (IDAR) these configuration attributes are stored under ids-proxy-con-Name=group-name,ou=groups,ou=pd2,ou=iDAR,o=services. In Directory Proxy Server 5.2, these configuration attributes are stored under ou=groups,cn=user-defined-name,ou=dar-config,o=NetscapeRoot.
The following table maps the attributes of the ids-proxy-sch-ForbiddenEntryProperty object to the corresponding properties of a search data hiding rule in Directory Proxy Server 6.2. For information about creating search data hiding rules, see To Create Search Data Hiding Rules in Sun Java System Directory Server Enterprise Edition 6.2 Administration Guide.
Table 6–14 Mapping of Directory Proxy Server 5 Server Load Configuration Attributes to Directory Proxy Server 6 Resource Limits Properties|
Directory Proxy Server 5 Attribute |
Directory Proxy Server 6 Property |
|---|---|
|
ids-proxy-con-dn-exact |
target-dns |
|
ids-proxy-con-dn-regexp |
target-dn-regular-expressions |
|
ids-proxy-con-ava |
target-attr-value-assertions |
|
ids-proxy-con-forbidden-return |
To hide a subset of attributes: rule-action:hide-attributes attrs:attribute-name To hide an entire entry: rule-action:hide-entry |
|
ids-proxy-con-permitted-return |
rule-action:show-attributes attrs:attribute-name |
- © 2010, Oracle Corporation and/or its affiliates