[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticate to ldap using Kerberos

To: "Howard Chu" <hyc@symas.com>
Subject: Re: Authenticate to ldap using Kerberos
From: masarati@aero.polimi.it
Date: Thu, 9 Sep 2010 23:49:04 +0200 (CEST)
Cc: Quanah Gibson-Mount <quanah@zimbra.com>, openldap-technical@openldap.org
Importance: Normal
In-reply-to: <4C8953B1.4080500@symas.com>
References: <207bd0ddd5679c08fda7f7b3a0c606e5@squirrel-systems.com> <20100908171543.GD3297@dan.olp.net> <1283998880.31888.2.camel@cashew.squirrel> <20100909023432.GC2687@dan.olp.net> <1284005848.2999.1.camel@cashew.squirrel> <4C888159.6010000@symas.com> <1284016331.6724.14.camel@cashew.squirrel> <87r5h3ux1c.fsf@magenta.l4b.de> <1284023586.9542.24.camel@cashew.squirrel> <2192E3262D1795A22D9E5726@[192.168.1.2]> <5d022d9b1675d7e776f58e7205d700a1.squirrel@www.aero.polimi.it> <4C8953B1.4080500@symas.com>
User-agent: SquirrelMail/1.4.15

>> Quanah, I know that in the past you, Howard and others have contributed
>> pieces of software to other LDAP-enabled software to enable SASL auth.
>>
>> I had myself some bad experience in contributing things to software
>> maintainers that did not even understand the need or the importance of
>> what I was trying to contribute, but that's another story.
>>
>> Maybe we could try, as the OpenLDAP project rather than as individuals,
>> to
>> promote and support better LDAP (not just OpenLDAP) integration in other
>> generally useful FLOSS that can interact with OpenLDAP.
>
> I'm ok with spending time on this, but I don't use evolution and have no
> direct need to get it working. How do we decide which "generally useful
> FLOSS"
> should get our attention?

Well, the users of LDAP-capable FLOSS should :).  My point is that
developers of some LDAP-capable software, possibly pushed by requests from
their users, should ask for support in better LDAP-enabling their
software.  This is not because LDAP-enabling software requires software
sorcerers; only, with the support of the OL project it would probably
require much less effort, and possibly lead to much better results.  Think
for example how long it took you to write ldapdb for SASL.

Of course this is not going to happen out of the blue; we'd probably need
to advertise our availability, and give minimal commitment (in this, of
course, everybody would commit only for himself).  For example, users
could "audit" the LDAP-friendliness of other software, and identify room
for improvement.

p.

References:
- Authenticate to ldap using Kerberos
  - From: Wouter van Marle <wouter@squirrel-systems.com>
- Re: Authenticate to ldap using Kerberos
  - From: Dan White <dwhite@olp.net>
- Re: Authenticate to ldap using Kerberos
  - From: Dan White <dwhite@olp.net>
- Re: Authenticate to ldap using Kerberos
  - From: Wouter van Marle <wouter@squirrel-systems.com>
- Re: Authenticate to ldap using Kerberos
  - From: Howard Chu <hyc@symas.com>
- Re: Authenticate to ldap using Kerberos
  - From: Wouter van Marle <wouter@squirrel-systems.com>
- Re: Authenticate to ldap using Kerberos
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: Authenticate to ldap using Kerberos
  - From: Wouter van Marle <wouter@squirrel-systems.com>
- Re: Authenticate to ldap using Kerberos
  - From: Quanah Gibson-Mount <quanah@zimbra.com>
- Re: Authenticate to ldap using Kerberos
  - From: masarati@aero.polimi.it
- Re: Authenticate to ldap using Kerberos
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: Authenticate to ldap using Kerberos
Next by Date: Re: GSSAPI Bind across trusted realms
Index(es):
- Chronological
- Thread