[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: sasl proxy authorization and regexp

To: <raissad@ucb.br>
Subject: Re: sasl proxy authorization and regexp
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Fri, 26 Mar 2004 15:04:38 +0100 (CET)
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <F7B2EBBB082ABD4BA4FD4A0ADA80A9621EF578@jaguar.ucb.br>
References: <F7B2EBBB082ABD4BA4FD4A0ADA80A9621EF578@jaguar.ucb.br>

see "sasl-authz-policy" in slapd.conf(5) to enable sasl authz.

p.

> Hello!
>
> I'm trying to configure SASL proxy authorization in my distributed
> directory.
>
> I added the user uid=joao,cn=campusII,dc=ucb,dc=br in SASL database
> (joao@ares.cesmic.ucb.br) and in OpenLDAP tree. In OpenLDAP entry, I
> added the saslAuthzTo attribute as bellow:
>
> dn: uid=joao,cn=CampusII,dc=ucb,dc=br
> changetype: modify
> add: saslAuthzTo
> saslAuthzTo: dn.regex:uid=.*,cn=CampusII,dc=ucb,dc=br
>
> The ACLs allow read/write for everybody.
>
> However, this regexp does not work. If I put
>
> dn: uid=joao,cn=CampusII,dc=ucb,dc=br
> changetype: modify
> add: saslAuthzTo
> saslAuthzTo: dn.regex:uid=fgoulart,cn=CampusII,dc=ucb,dc=br
>
> the user Joao authorizes the user fgoulart. But when I try to use the
> regexp, joao does not authorizes fgoulart.
>
> Could anybody help me, please?
>
> Thanks in advance,
> Raissa


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it

References:
- sasl proxy authorization and regexp
  - From: "Raissa Dantas Freire de Medeiros" <raissad@ucb.br>

Prev by Date: openLDAP + Oracle
Next by Date: Re: openLDAP + Oracle
Index(es):
- Chronological
- Thread