[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5555) authzTo ACL check for wrong principal

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5555) authzTo ACL check for wrong principal
From: andrew.findlay@skills-1st.co.uk
Date: Mon, 16 Jun 2008 18:01:49 GMT

On Mon, Jun 16, 2008 at 07:29:12PM +0200, Pierangelo Masarati wrote:

> Not sure what you mean there, but I believe the fact that the 
> implementation is in saslauth.c is for mere historical reasons.  Right 
> now, authorization code is independent from SASL, and is used by a 
> number of features: SASL authz, RFC 4370, identity assertion, dgIdentity 
> and more.

I was referring to documentation, where the only bit of the admin
guide that really talks about proxy authorisation is the SASL section.

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

Prev by Date: Re: (ITS#5555) authzTo ACL check for wrong principal
Next by Date: Re: (ITS#5555) authzTo ACL check for wrong principal
Index(es):
- Chronological
- Thread