[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: saslAuthz{To|From}
At 07:55 AM 12/13/2003, Pierangelo Masarati wrote:
>Kurt D. Zeilenga wrote:
>>At 07:22 AM 12/13/2003, Pierangelo Masarati wrote:
>>
>>>dealing with realms is already supported: "u:jane@realm"
>>>(unless we accept "@" as a valid char in a userid, but
>>>this would lead to endless discussion, and it's already
>>>done somewhere else in the code :)
>>
>>@ is prefectly valid character in a userid.
>>@ is prefectly valid character in a realm.
>>Hence, writing userid@realm is a really bad idea.
>
>I knew I was entering a minefield. However,
>this is how user and realm are currently
>indicated in most software, including slapd,
>e.g. at leats in slap_sasl_getdn().
>
>So what? Let me forst implement my idea,
>then we can discuss this. It's likely to
>seamless to move realm and mech before
>the colon in the "u:<user>" syntax.
I don't mind allowing user@realm too much.
But user@realm/mech is bit problematic.
How about a compromise: u.mech:user@realm ?