SLAPD-PERL(5) | File Formats Manual | SLAPD-PERL(5) |
slapd-perl - Perl backend to slapd
/etc/ldap/slapd.conf
The Perl backend to slapd(8) works by embedding a perl(1) interpreter into slapd(8). Any perl database section of the configuration file slapd.conf(5) must then specify what Perl module to use. Slapd then creates a new Perl object that handles all the requests for that particular instance of the backend.
You will need to create a method for each one of the following actions:
* new # creates a new object,
* search # performs the ldap search,
* compare # does a compare,
* modify # modifies an entry,
* add # adds an entry to backend,
* modrdn # modifies an entry's rdn,
* delete # deletes an ldap entry,
* config # module-specific config directives,
* init # called after backend is initialized.
Unless otherwise specified, the methods return the result code which will be returned to the client. Unimplemented actions can just return unwillingToPerform (53).
* object reference
* base DN
* scope
* alias dereferencing policy
* size limit
* time limit
* filter string
* attributes only flag (1 for yes)
* list of attributes to return (may be empty)
Return value: (resultcode, ldif-entry, ldif-entry, ...)
* object reference
* dn
* attribute assertion string
* object reference
* dn
* a list formatted as follows
({ "ADD" | "DELETE" | "REPLACE" },
attributetype, value...)...
* object reference
* entry in string format
* object reference
* dn
* new rdn
* delete old dn flag (1 means yes)
* object reference
* dn
* object reference
* array of arguments on line
Return value: nonzero if this is not a valid option.
* object reference
Return value: nonzero if initialization failed.
These slapd.conf options apply to the PERL backend database. That is, they must follow a "database perl" line and come before any subsequent "backend" or "database" lines. Other database options are described in the slapd.conf(5) manual page.
There is an example Perl module `SampleLDAP' in the slapd/back-perl/ directory in the OpenLDAP source tree.
The perl backend does not honor any of the access control semantics described in slapd.access(5); all access control is delegated to the underlying PERL scripting. Only read (=r) access to the entry pseudo-attribute and to the other attribute values of the entries returned by the search operation is honored, which is performed by the frontend.
The interface of this backend to the perl module MAY change. Any suggestions would greatly be appreciated.
Note: in previous versions, any unrecognized lines in the slapd.conf file were passed to the perl module's config method. This behavior is deprecated (but still allowed for backward compatibility), and the perlModuleConfig directive should instead be used to invoke the module's config method. This compatibility feature will be removed at some future date.
2018/12/19 | OpenLDAP |