[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Has anyone found a workaround? SASL/LDAP

To: Howard Chu <hyc@highlandsun.com>
Subject: RE: Has anyone found a workaround? SASL/LDAP
From: "Steven J. Sobol" <sjsobol@JustThe.net>
Date: Sat, 4 Oct 2003 13:50:11 -0400 (EDT)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <001701c38a9c$51e2b890$1801a8c0@CELLO>

On Sat, 4 Oct 2003, Howard Chu wrote:

> I'm not sure I see what advantage you're getting from using SASL and LDAP
> together like this, as you're only getting plaintext authentication. But
> certainly, you can use saslauthd with LDAP directly (and skip the PAM step).
> As the saslauthd is a separate process, there should be no reentrancy issues.
> 
> But in the meantime, there was never any reentrancy issue in the first place.

> Note - this assumes Cyrus SASL 2.1 and OpenLDAP 2.1. If you're using Cyrus
> SASL 1.5, all bets are off; there are far too many bugs remaining in that
> code base.

That was probably a large part of my problem. I was indeed using 1.5. I'm
using SASL 2.1 now, on the box I'm building - but right now I'm using the
latest OpenLDAP RPM for Red Hat 8.0, and that's OpenLDAP 2.0.27. Will
this cause a problem? Should I upgrade to 2.1 before putting any users
onto the server?

Thanks for the comments.

-- 
JustThe.net Internet & Multimedia Services
22674 Motnocab Road * Apple Valley, CA 92307-1950 
Steve Sobol, Proprietor 
888.480.4NET (4638) * 248.724.4NET * sjsobol@JustThe.net

Follow-Ups:
- RE: Has anyone found a workaround? SASL/LDAP
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

References:
- RE: Has anyone found a workaround? SASL/LDAP
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: RE: Has anyone found a workaround? SASL/LDAP
Next by Date: Re: Has anyone found a workaround? SASL/LDAP
Index(es):
- Chronological
- Thread