1.1. Strict membership checking 1.2. Regular Expression based checking This module provides functionality for two different methods of group membership checking. 1.1. Strict membership checking The module uses a database table that contains a list of users and groups they belong to. The module provides the possibility to check if a specific user belongs to a specific group. There is no DB caching support, which means that each check involves a DB query. 1.2. Regular Expression based checking Another database table contains list of regular expressions and group IDs. A matching occurs if the user URI match the regular expression. This type of matching may be used to fetch the group ID(s) the user belongs to (via RE matching) . Due to performance reasons (regular expression evaluation), DB cache support is available: the table content is loaded into memory at startup and all regular expressions are compiled.
| Parámetro | Tipo | Descripción |
|---|---|---|
| db_url | string | 3.2. table (string) 3.3. user_column (string) 3.4. domain_column (string) 3.5. group_column (string) 3.6. use_domain (integer) 3.7. re_table (string) 3.8. re_exp_column (string) 3.9. re_gid_column (st |
| table | string | 3.3. user_column (string) 3.4. domain_column (string) 3.5. group_column (string) 3.6. use_domain (integer) 3.7. re_table (string) 3.8. re_exp_column (string) 3.9. re_gid_column (string) 3.10. multiple |
| user_column | string | 3.4. domain_column (string) 3.5. group_column (string) 3.6. use_domain (integer) 3.7. re_table (string) 3.8. re_exp_column (string) 3.9. re_gid_column (string) 3.10. multiple_gid (integer) |
| domain_column | string | 3.5. group_column (string) 3.6. use_domain (integer) 3.7. re_table (string) 3.8. re_exp_column (string) 3.9. re_gid_column (string) 3.10. multiple_gid (integer) |
| group_column | string | 3.6. use_domain (integer) 3.7. re_table (string) 3.8. re_exp_column (string) 3.9. re_gid_column (string) 3.10. multiple_gid (integer) |
| use_domain | integer | 3.7. re_table (string) 3.8. re_exp_column (string) 3.9. re_gid_column (string) 3.10. multiple_gid (integer) |
| re_table | string | 3.8. re_exp_column (string) 3.9. re_gid_column (string) 3.10. multiple_gid (integer) |
| re_exp_column | string | 3.9. re_gid_column (string) 3.10. multiple_gid (integer) |
| re_gid_column | string | 3.10. multiple_gid (integer) |
| multiple_gid | integer | 3.1. db_url (string) |
| db_url | string | URL of the database table to be used. |
| table | string | Name of the table holding strict definitions of groups and their members. |
| user_column | string | Name of the “table” column holding usernames. |
| domain_column | string | Name of the “table” column holding domains. |
| group_column | string | Name of the “table” column holding group names. |
| use_domain | integer | If enabled (set to a non zero value) then the domain will be used also used for strict group matching; otherwise only the username part will be used. |
| re_table | string | Name of the table holding definitions for regular-expression based groups. If no table is defined, the regular-expression support is disabled. |
| re_exp_column | string | Name of the “re_table” column holding the regular expression used for user matching. |
| re_gid_column | string | Name of the “re_table” column holding the group IDs. |
| multiple_gid | integer | If enabled (non zero value) the regular-expression matching will return all group IDs that match the user; otherwise only the first will be returned. |
4.2. get_user_group(URI, AVP)
4.1. is_user_in(URI, group)
This function is to be used for script group membership. The function returns true if username in the given URI is a member of the given group and false if not.
This function is to be used for regular expression based group membership. The function returns true if username in the given URI belongs to at least one group; the group ID(s) are returned as AVPs.
Copyright © 2003 FhG FOKUS
