[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/doc/man/man5 slapd-ldap.5

To: <Kurt@OpenLDAP.org>
Subject: Re: commit: ldap/doc/man/man5 slapd-ldap.5
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Fri, 14 May 2004 10:06:01 +0200 (CEST)
Cc: <openldap-commit2devel@OpenLDAP.org>
Importance: Normal
In-reply-to: <6.0.1.1.0.20040513161756.02cb7a48@127.0.0.1>
References: <200405132135.i4DLZdeq002513@cantor.openldap.org> <6.0.1.1.0.20040513161756.02cb7a48@127.0.0.1>

> Some suggestions...
>
> Start TLS?
> SASL Bind (for both bind and proxy authcid)
>   with authzid assertion (at SASL Bind time) for both

Need to look at this.  Also, the client's identity rewriting
is not in place yet.

>
> idassert-mode <dn> should likely be idassert-mode <authzid>.
> That is, either dn:uid=foo,dc=example,dc=com or u:foo should be
> allowed.

Reworked the rest accordingly.

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it




    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- Re: commit: ldap/doc/man/man5 slapd-ldap.5
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: commit: ldap/doc/man/man5 slapd-ldap.5
Next by Date: Identity assertion in proxy (Was: commit: ldap/doc/man/man5 slapd-ldap.5)
Index(es):
- Chronological
- Thread