Re: support for LDAP URLs

Peter Eisentraut wrote:
> Here is a patch to support RFC 2255 LDAP URLs in pg_hba.conf.  So,
> instead of, say
>
> host ... ldap ldapserver=ldap.example.net ldapbasedn="dc=example, dc=net" ldapsearchattribute=uid
>
> you could write
>
> host ... ldap lapurl="ldap://ldap.example.net/dc=example,dc=net?uid?sub"

Should we be referencing RFC 4516 instead?


I'm not very fond of the way this entry is worded:

> +      <varlistentry>
> +       <term><literal>ldapurl</literal></term>
> +       <listitem>
> +        <para>
> +         You can write most of the LDAP options alternatively using an RFC 2255
> +         LDAP URL.  The format is
> +<synopsis>
>
+ldap://[<replaceable>user</replaceable>[:<replaceable>password</replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]]
> +</synopsis>
> +         <replaceable>scope</replaceable> must be one
> +         of <literal>base</literal>, <literal>one</literal>, <literal>sub</literal>,
> +         typically the latter.  Only one attribute is used, and some other
> +         components of standard LDAP URLs such as filters and extensions are
> +         not supported.
> +        </para>

It seems completely unlike the rest, and it doesn't read like a
reference entry.  How about starting with para containing just "An RFC
4516 LDAP URL", or something like that, and then expanding on the
details of the format outside the <varlist>?

--
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services