4618N/A# The contents of this file are subject to the terms of the
4618N/A# Common Development and Distribution License, Version 1.0 only
4618N/A# (the "License"). You may not use this file except in compliance
4618N/A# You can obtain a copy of the license at
4618N/A# See the License for the specific language governing permissions
4618N/A# and limitations under the License.
4618N/A# When distributing Covered Code, include this CDDL HEADER in each
4618N/A# file and include the License file at
4618N/A# add the following below this CDDL HEADER, with the fields enclosed
4618N/A# by brackets "[]" replaced with your own identifying information:
4618N/A# Portions Copyright [yyyy] [name of copyright owner]
4618N/A# Copyright 2009 Sun Microsystems, Inc.
4618N/Aaci: (target="ldap:///dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; allow (all)(userdn = "ldap:///uid=my_application,dc=groups,dc=com");)
4618N/Aaci: (target="ldap:///ou=static,dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; deny (all)(groupdn = "ldap:///cn=my_staticgroup1,dc=groups,dc=com");)
4618N/Aaci: (target="ldap:///ou=static,dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; deny (all)(groupdn = "ldap:///cn=my_staticgroup2,dc=groups,dc=com");)
4618N/Aaci: (target="ldap:///ou=dynamic,dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; deny (all)(groupdn = "ldap:///cn=my_dynamicgroup1,dc=groups,dc=com");)
4618N/Aaci: (target="ldap:///ou=dynamic,dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; deny (all)(groupdn = "ldap:///cn=my_dynamicgroup2,dc=groups,dc=com");)