diff options
author | Pavel Březina <pbrezina@redhat.com> | 2013-02-12 13:57:02 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-04-02 15:33:03 +0200 |
commit | 02b2c042d0c2ace289583c8e5e4ead1eff481376 (patch) | |
tree | ec45a1a6ebda3e586ea45e0f0315fa02b0c32615 /src/util/sss_krb5.h | |
parent | 539b1be3507abdf8ac235b06eeed5011b0b5cde2 (diff) | |
download | sssd-02b2c042d0c2ace289583c8e5e4ead1eff481376.tar.gz sssd-02b2c042d0c2ace289583c8e5e4ead1eff481376.tar.bz2 sssd-02b2c042d0c2ace289583c8e5e4ead1eff481376.zip |
refactor nested group processing: add new code
https://fedorahosted.org/sssd/ticket/1784
1. initialization (main-req), returns members of input group
2. evaluate group members (group)
3. perform individual search (no-deref) or dereference attribute (deref)
4a. no-deref
1. perform a lookup depending on the type of the member object
2. all direct members are evaluated first
3. then we step down in nesting level and evaluate nested groups
4b. deref
1. perform a dereference lookup on member attribute
2. all direct members are evaluated first
3. then we step down in nesting level and evaluate nested groups
Tevent request flow:
main-req
|
group
|------------------------|
no-deref deref
| |
|----|------|---------| |
user group unknown recurse recurse
/ \ | | | ... | | | ...
user group group group
Diffstat (limited to 'src/util/sss_krb5.h')
0 files changed, 0 insertions, 0 deletions