1. adding LDAP relevant RFC's

[openldap] / doc / rfc / rfc1960.txt

\r
\r
\r
\r
\r
\r
Network Working Group                                           T. Howes\r
Request for Comments: 1960                        University of Michigan\r
Obsoletes: 1558                                                June 1996\r
Category: Standards Track\r
\r
             A String Representation of LDAP Search Filters\r
\r
Status of this Memo\r
\r
   This document specifies an Internet standards track protocol for the\r
   Internet community, and requests discussion and suggestions for\r
   improvements.  Please refer to the current edition of the "Internet\r
   Official Protocol Standards" (STD 1) for the standardization state\r
   and status of this protocol.  Distribution of this memo is unlimited.\r
\r
1.  Abstract\r
\r
   The Lightweight Directory Access Protocol (LDAP) [1] defines a\r
   network representation of a search filter transmitted to an LDAP\r
   server.  Some applications may find it useful to have a common way of\r
   representing these search filters in a human-readable form.  This\r
   document defines a human-readable string format for representing LDAP\r
   search filters.\r
\r
2.  LDAP Search Filter Definition\r
\r
   An LDAP search filter is defined in [1] as follows:\r
\r
     Filter ::= CHOICE {\r
             and                [0] SET OF Filter,\r
             or                 [1] SET OF Filter,\r
             not                [2] Filter,\r
             equalityMatch      [3] AttributeValueAssertion,\r
             substrings         [4] SubstringFilter,\r
             greaterOrEqual     [5] AttributeValueAssertion,\r
             lessOrEqual        [6] AttributeValueAssertion,\r
             present            [7] AttributeType,\r
             approxMatch        [8] AttributeValueAssertion\r
     }\r
\r
     SubstringFilter ::= SEQUENCE {\r
             type    AttributeType,\r
             SEQUENCE OF CHOICE {\r
                     initial        [0] LDAPString,\r
                     any            [1] LDAPString,\r
                     final          [2] LDAPString\r
             }\r
     }\r
\r
\r
\r
Howes                       Standards Track                     [Page 1]\r
\f\r
RFC 1960                  LDAP Search Filters                  June 1996\r
\r
\r
     AttributeValueAssertion ::= SEQUENCE {\r
             attributeType   AttributeType,\r
             attributeValue  AttributeValue\r
     }\r
\r
     AttributeType ::= LDAPString\r
\r
     AttributeValue ::= OCTET STRING\r
\r
     LDAPString ::= OCTET STRING\r
\r
   where the LDAPString above is limited to the IA5 character set.  The\r
   AttributeType is a string representation of the attribute type name\r
   and is defined in [1].  The AttributeValue OCTET STRING has the form\r
   defined in [2].  The Filter is encoded for transmission over a\r
   network using the Basic Encoding Rules defined in [3], with\r
   simplifications described in [1].\r
\r
3.  String Search Filter Definition\r
\r
   The string representation of an LDAP search filter is defined by the\r
   following grammar.  It uses a prefix format.\r
\r
     <filter> ::= '(' <filtercomp> ')'\r
     <filtercomp> ::= <and> | <or> | <not> | <item>\r
     <and> ::= '&' <filterlist>\r
     <or> ::= '|' <filterlist>\r
     <not> ::= '!' <filter>\r
     <filterlist> ::= <filter> | <filter> <filterlist>\r
     <item> ::= <simple> | <present> | <substring>\r
     <simple> ::= <attr> <filtertype> <value>\r
     <filtertype> ::= <equal> | <approx> | <greater> | <less>\r
     <equal> ::= '='\r
     <approx> ::= '~='\r
     <greater> ::= '>='\r
     <less> ::= '<='\r
     <present> ::= <attr> '=*'\r
     <substring> ::= <attr> '=' <initial> <any> <final>\r
     <initial> ::= NULL | <value>\r
     <any> ::= '*' <starval>\r
     <starval> ::= NULL | <value> '*' <starval>\r
     <final> ::= NULL | <value>\r
\r
   <attr> is a string representing an AttributeType, and has the format\r
   defined in [1].  <value> is a string representing an AttributeValue,\r
   or part of one, and has the form defined in [2].  If a <value> must\r
   contain one of the characters '*' or '(' or ')', these characters\r
   should be escaped by preceding them with the backslash '\' character.\r
\r
\r
\r
Howes                       Standards Track                     [Page 2]\r
\f\r
RFC 1960                  LDAP Search Filters                  June 1996\r
\r
\r
   Note that although both the <substring> and <present> productions can\r
   produce the 'attr=*' construct, this construct is used only to denote\r
   a presence filter.\r
\r
4.  Examples\r
\r
   This section gives a few examples of search filters written using\r
   this notation.\r
\r
     (cn=Babs Jensen)\r
     (!(cn=Tim Howes))\r
     (&(objectClass=Person)(|(sn=Jensen)(cn=Babs J*)))\r
     (o=univ*of*mich*)\r
\r
5.  Security Considerations\r
\r
   Security considerations are not discussed in this memo.\r
\r
6.  Bibliography\r
\r
   [1] Yeong, W., Howes, T., and S. Kille, "Lightweight\r
       Directory Access Protocol", RFC 1777, March 1995.\r
\r
   [2] Howes, R., Kille, S., Yeong, W., and C. Robbins, "The String\r
       Representation of Standard Attribute Syntaxes", RFC 1778,\r
       March 1995.\r
\r
   [3] Specification of Basic Encoding Rules for Abstract Syntax\r
       Notation One (ASN.1).  CCITT Recommendation X.209, 1988.\r
\r
7.  Author's Address\r
\r
   Tim Howes\r
   University of Michigan\r
   ITD Research Systems\r
   535 W William St.\r
   Ann Arbor, MI 48103-4943\r
   USA\r
\r
   Phone: +1 313 747-4454\r
   EMail: tim@umich.edu\r
\r
\r
\r
\r
\r
\r
\r
\r
\r
\r
Howes                       Standards Track                     [Page 3]\r
\f\r