[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL support in back-ldap & back-meta (ITS#3022)

To: openldap-its@OpenLDAP.org
Subject: Re: SASL support in back-ldap & back-meta (ITS#3022)
From: ando@sys-net.it
Date: Sat, 19 Jun 2004 16:17:49 GMT

>
>
>With CRAM-MD5, the native SASL
>authz doesn't work, i.e. the proxy remains bound with the administrative
>identity instead of authz'ing as the initial user.
>
I've added an (undocumented) parameter to the SASL auth which instructs
the proxy that the selected mech can do native authz.  Use

idassert-method sasl [other params...] authz=native

otherwise, the proxy will fall back to the proxyauthz control applied to 
each
operation.

p.



    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

Prev by Date: Re: SASL support in back-ldap & back-meta (ITS#3022)
Next by Date: supporting range retrieval (ITS#3193)
Index(es):
- Chronological
- Thread