The AACLS acronym stands for "Advanced ACL Server". This a backend of the LDAP OpenLDAP server, in other words, a LDAP content filtering gateway based on an ACL langage used to describe relations between entries. These ACL are stored in the directory and control the access given to entries and attributes.
Of course you can use other ACL systems like classical ACLs or ACI, but you cannot describe relation between entries and give rights depending on them ! You have ways to designed your directory in a such way you don't need this but you are going to loose all the trees power.
Because this server use a very complex way of determining access on information stored in a LDAP Server, you have to be warned about performance issues in using this software : for example, it is completely inappropriate to use an OS or clients which are very time dependant with this backend !!!
Just some words about history :
This software is based on the work done by Jean-Baptiste Nataf. This computer engineer is working for "Université Pierre et Marie Curie - Paris VI" in France. The main idea is that : The need of a better ACL system is based on the fact that simple systems are too far from the real world !
The first implementation has been done on an PHP application server. But the need of speed motivate us to write it as an OpenLDAP backend.
All the source code is available through http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/aacls. But at this time no package has been done.
Any help and comments are welcomed at seb@stien.info.