Add initial LDAP attribute ACL verifier

A new ACL type, ldap-attr (Wallet::ACL::LDAP::Attribute), is now
supported.  This ACL type grants access if the LDAP entry
corresponding to the principal contains the attribute name and value
specified in the ACL.  The Net::LDAP and Authen::SASL Perl modules are
required to use this ACL type.  New configuration settings are
required as well; see Wallet::Config for more information.  To enable
this ACL type for an existing wallet database, use wallet-admin to
register the new verifier.

1 files changed, 2 insertions, 0 deletions

diff --git a/perl/Wallet/Schema.pm b/perl/Wallet/Schema.pm
index 7400776..5c6b9ca 100644
--- a/perl/Wallet/Schema.pm
+++ b/perl/Wallet/Schema.pm
@@ -277,6 +277,8 @@ Holds the supported ACL schemes and their corresponding Perl classes:
   insert into acl_schemes (as_name, as_class)
       values ('krb5-regex', 'Wallet::ACL::Krb5::Regex');
   insert into acl_schemes (as_name, as_class)
+      values ('ldap-attr', 'Wallet::ACL::LDAP::Attribute');
+  insert into acl_schemes (as_name, as_class)
       values ('netdb', 'Wallet::ACL::NetDB');
   insert into acl_schemes (as_name, as_class)
       values ('netdb-root', 'Wallet::ACL::NetDB::Root');