Re: support for LDAP URLs

Peter Eisentraut wrote:
> Here is a patch to support RFC 2255 LDAP URLs in pg_hba.conf. So,
> instead of, say
>
> host ... ldap ldapserver=ldap.example.net ldapbasedn="dc=example, dc=net" ldapsearchattribute=uid
>
> you could write
>
> host ... ldap lapurl="ldap://ldap.example.net/dc=example,dc=net?uid?sub"

Should we be referencing RFC 4516 instead?

I'm not very fond of the way this entry is worded:

> + <varlistentry>
> + <term><literal>ldapurl</literal></term>
> + <listitem>
> + <para>
> + You can write most of the LDAP options alternatively using an RFC 2255
> + LDAP URL. The format is
> +<synopsis>
> +ldap://[<replaceable>user</replaceable>[:<replaceable>password</replaceable>](at)]<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]]
> +</synopsis>
> + <replaceable>scope</replaceable> must be one
> + of <literal>base</literal>, <literal>one</literal>, <literal>sub</literal>,
> + typically the latter. Only one attribute is used, and some other
> + components of standard LDAP URLs such as filters and extensions are
> + not supported.
> + </para>

It seems completely unlike the rest, and it doesn't read like a
reference entry. How about starting with para containing just "An RFC
4516 LDAP URL", or something like that, and then expanding on the
details of the format outside the <varlist>?

--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services