Peter Eisentraut wrote: > Here is a patch to support RFC 2255 LDAP URLs in pg_hba.conf. So, > instead of, say > > host ... ldap ldapserver=ldap.example.net ldapbasedn="dc=example, dc=net" > ldapsearchattribute=uid > > you could write > > host ... ldap lapurl="ldap://ldap.example.net/dc=example,dc=net?uid?sub";
Should we be referencing RFC 4516 instead? I'm not very fond of the way this entry is worded: > + <varlistentry> > + <term><literal>ldapurl</literal></term> > + <listitem> > + <para> > + You can write most of the LDAP options alternatively using an RFC > 2255 > + LDAP URL. The format is > +<synopsis> > +ldap://[<replaceable>user</replaceable>[:<replaceable>password</replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]] > +</synopsis> > + <replaceable>scope</replaceable> must be one > + of <literal>base</literal>, <literal>one</literal>, > <literal>sub</literal>, > + typically the latter. Only one attribute is used, and some other > + components of standard LDAP URLs such as filters and extensions are > + not supported. > + </para> It seems completely unlike the rest, and it doesn't read like a reference entry. How about starting with para containing just "An RFC 4516 LDAP URL", or something like that, and then expanding on the details of the format outside the <varlist>? -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
