[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Bug in LDAP_CONTROL_PROXY_AUTHZ (ITS#2871)
Full_Name: Igor Brezac
Version: 2.1.25
OS: Solaris 9
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (209.170.142.3)
LDAP_CONTROL_PROXY_AUTHZ does not set mech which may create problems for some
sasl configurations. Here is my example.
sasl-regexp uid=(.*),cn=(.*),cn=(.*),cn=auth
associateddomain=$2+cn=$1,ou=people,o=pb
sasl-regexp uid=(.*),cn=(.*),cn=auth
cn=$1,ou=people,ou=admin,o=pb
If the first sasl-regexp is not present, the second one would fail as well.
==>slap_sasl2dn: converting SASL name uid=igor,cn=ipass.net,cn=auth to a DN
slap_sasl_regexp: converting SASL name uid=igor,cn=ipass.net,cn=auth
slap_sasl_regexp: converted SASL name to cn=igor,ou=people,ou=admin,o=pb
I expected something like (from ldapwhoami cmd tool):
<<< dnNormalize: <uid=pino,cn=ipass.net,cn=digest-md5,cn=auth>
==>slap_sasl2dn: converting SASL name
uid=igor,cn=ipass.net,cn=digest-md5,cn=auth to a DN
slap_sasl_regexp: converting SASL name
uid=igor,cn=ipass.net,cn=digest-md5,cn=auth
slap_sasl_regexp: converted SASL name to
associateddomain=ipass.net+cn=igor,ou=people,o=pb