Access realm read/post lists from external source (was Re: mods to readers.conf?)

Mike Forster mike at armchair.mb.ca
Tue May 9 05:39:10 UTC 2000


Not certain if interest in this has dwindled, but I'll post it anyway.

I've modified nnrpd.h and perm.c to support LDAP-based authentication _and_
read/post permissions in readers.conf.  Here's a snippit of my readers.conf:

auth "default" {
	auth: "ckldap"
	default: "<public>"
	default-domain: "armchair.mb.ca"
}

access "public" {
	users: "<public>@armchair.mb.ca"
	newsgroups: "public.*"
}

access "private" {
	users: "*, !<public>@armchair.mb.ca"
	perm: "permldap"
}

I use a simple "ckldap" program in the auth realm to authenticate the user 
via LDAP.
Initial connections (no res: in the auth realm) default to the "public" 
access realm: users
can read and post to public groups.  Authenticated users hit the "private" 
access realm: the
"permldap" program specified by my newly-added "perm:" field queries LDAP 
and retrieves
read/post group permissions for the user.

I wanted to see if this would work for our purposes -- and it does -- but 
I'm delaying the
necessary code cleanup and testing pending the direction of the recent 
"parsing
infrastructure" thread.  I'm also tied up with some other projects right 
now, but I'd be
interested in discussing this further if anyone is interested.

Mike Forster, mike at armchair.mb.ca

Armchair Airlines Computer Services Inc.
www.armchair.mb.ca
(204) 726-8291





More information about the inn-workers mailing list