[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: saslAuthzTo and regexp troubles



> Hi Pierangelo,
>
> thanks for your reply. I tried
>
> saslAuthzTo: dn.regexp: uid=.*,ou=MailCustomers,dc=bestsolution,dc=at
>
> ... which is wrong because of the whitespace between "dn.regexp: uid"
> and even worse "dn.regexp:" should be "dn.regex:".

I think the whitespace is tolerated; but regexp not;)

>
> For the sake of consistency I think sasl-regexp should somewhen be
> renamed to sasl-regex as well ...

In 2.3 it becomes authz-regexp (the trailing "p" is there for historical
reasons, as far as I understand; however, it's missing from the style
specifier for consistency across slapd's internals).

However, all of that is being superseded by authid-rewrite* statements,
which are currently undocumented; actually, in 2.3 authz-regexp is
converted in the corresponding authid-rewrite* statements, which are much
more powerful (and dangerous...).

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497