[Freeipa-devel] [freeipa PR#398][comment] Support for Certificate Identity Mapping
HonzaCholasta
freeipa-github-notification at redhat.com
Tue Feb 14 13:57:42 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/398
Title: #398: Support for Certificate Identity Mapping
HonzaCholasta commented:
"""
@flo-renaud, nevermind the `default_from` suggestion, I was wrong - if e.g. both `--certmapdata` and `--certificate` are specified, we want to use both, not throw away `--certificate`, which is exactly what would happen if `--certmapdata` had default derived from `--certificate`.
One more issue, I think the `--certmapdata` option in `user-add-certmapdata` and friends should actually be a positional argument, as that would be more consistent with existing commands. The common pattern is that positional arguments are used to specify the literal value of the attribute (such as principal name in `user-add-principal`), but options need some preprocessing (such as conversion from UID to DN in `group-add-member`). Currently the only exception to this scheme is `user-add-cert` and friends, but that's only because the original intent was to add a certificate file positional argument, but it never happened.
"""
See the full comment at https://github.com/freeipa/freeipa/pull/398#issuecomment-279713429
More information about the Freeipa-devel
mailing list