Simple request criteria
Use simple request criteria to match requests based on a broad set of properties.
These properties include the following.
Property | Description |
---|---|
|
The set of operation types for requests that might match this criteria. By default, all of the following operation types are included:
|
|
Specifies the origin for operations that might match this criteria. By default, all of the following operation types are included:
|
|
An optional reference to a connection criteria object that must match the connection associated with requests that might match this criteria. |
|
An optional set of the OIDs of controls that can be included in requests that might match this criteria. If multiple OIDs are specified, then the request must include all of those controls. |
|
An optional set of the OIDs of controls that can be included in requests that might match this criteria. If multiple OIDs are specified, then the request must include at least one of those controls. |
|
An optional set of the OIDs of controls that should not be included in requests that might match this criteria. If multiple OIDs are specified, then the request can optionally include one or more of those controls as long as it does not have all of them. |
|
An optional set of the OIDs of controls that should not be included in requests that might match this criteria. If multiple OIDs are specified, then the request must not include any of them. |
|
An optional set of base distinguished names (DNs) for entries targeted by requests that match this criteria. |
|
An optional set of base DNs for entries targeted by requests that will not match this criteria. |
|
An optional set of filters that should match the target entry for requests that match this criteria. If multiple filters are specified, then the target entry must match all of them. |
|
An optional set of filters that should match the target entry for requests that match this criteria. If multiple filters are specified, then the target entry must match at least one of them. |
|
An optional set of filters that should not match the target entry for requests that match this criteria. If multiple filters are specified, then the target entry can optionally match one or more of them as long as it does not match all of them. |
|
An optional set of filters that should not match the target entry for requests that match this criteria. If multiple filters are specified, then the target entry must not match any of them. |
|
An optional set of the DNs of groups in which the target entry should be a member for requests that match this criteria. If multiple group DNs are specified, then the target entry must be a member of all of them. |
|
An optional set of the DNs of groups in which the target entry should be a member for requests that match this criteria. If multiple group DNs are specified, then the target entry must be a member of at least one of them. |
|
An optional set of the DNs of groups in which the target entry should not be a member for requests that match this criteria. If multiple group DNs are specified, then the target entry can optionally be a member of one or more of them as long as it is not a member of all of them. |
|
An optional set of the DNs of groups in which the target entry should not be a member for requests that match this criteria. If multiple group DNs are specified, then the target entry must not be a member of any of them. |
|
The authentication types for bind requests that can match this criteria. This property is ignored for non-bind requests. By default, this includes both of the following values:
|
|
An optional set of the names of SASL mechanisms for SASL bind requests that might match this criteria. This is ignored for all requests other than SASL bind requests. |
|
An optional set of the names of SASL mechanisms for SASL bind requests that do not match this criteria. This is ignored for all requests other than SASL bind requests. |
|
An optional set of the target attributes for requests that might match this criteria. For add requests, the entry to add must include at least one of the target attributes. For compare requests, one of the target attributes must be used in the assertion. For modify requests, at least one modification must include one of the target attributes. For modify DN requests, at least one of the target attributes must be included in the new RDN. For search requests, at least one of the target attributes must be used in the filter. This property is ignored for other types of requests. |
|
An optional set of the target attributes for requests that do not match this criteria. |
|
An optional set of the OIDs for extended requests that might match this criteria. This is ignored for all requests other than extended requests. |
|
An optional set of the OIDs for extended requests that might not match this criteria. This is ignored for all requests other than extended requests. |
|
The allowed scope values for search requests that might match this criteria. This is ignored for all requests other than search. By default, this includes all of the following values:
|
|
Indicates whether to match requests based on their use of a worker thread from the administrative thread pool. The value can be one of the following:
|
|
An optional set of application names for requests that might match this criteria. The application name for a request can either be specified by either the operation purpose request control or the intermediate client request control. Requests without an application name do not match. |
|
An optional set of application names for requests that do not match this criteria. Requests with an application name might match this criteria. |
The default settings for the simple request criteria match any request. If you set values for multiple properties, then it essentially behaves as a logical AND
, and the criteria only matches requests that match all of those properties.
Properties that are based on the target entry for the request are ignored for abandon and unbind requests, since they do not target a specific entry. They are also ignored for SASL bind and extended requests because the process for determining the target entry, if there is one, depends on decoding that is specific to the type of SASL mechanism or extended request. For search requests, the target entry DN is the search base DN. |