ODSEE - Do ACI's Work the Same After Changing 'deny' Statements to 'allow' Statements?
(Doc ID 1596700.1)
Last updated on OCTOBER 31, 2019
Applies to:Oracle Directory Server Enterprise Edition - Version 6.0 and later
Information in this document applies to any platform.
In an ODSEE performance issue it was suggested to convert all the deny statements in ACIs to allow statements.
The following conversion yielded a performance increase of 20%:
deny (add,write,delete) --> allow (search, read, compare)
deny (write,add,delete,compare,proxy) --> allow (search, read)
Questions: Will the new allow statements yield the same security access rights as the original deny statements?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document