[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL authentication, DIGEST-MD5 mechanism (ITS#2685)

To: openldap-its@OpenLDAP.org
Subject: SASL authentication, DIGEST-MD5 mechanism (ITS#2685)
From: suomi@ayni.com
Date: Thu, 14 Aug 2003 15:49:50 GMT

Full_Name: suomi hasler
Version: openldap-2.1.22-1
OS: Linux rosetta 2.4.19-4GB
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (195.141.97.126)


My config as far as SASL is concerned:

cyrus-sasl2-2.1.7-52



both userids (peter, suomi) are valid SASL userids with respective password
defined with 
saslpassword2 -c peter
saslpassword2 -c suomi




extract from /usr/local/openldap/etc/openldap/slapd.conf

access to *
        by dn="cn=suomi,ou=pam-ldap,dc=ayni,dc=com"     write
        by dn="cn=peter,ou=pam-ldap,dc=ayni,dc=com"     write
        by self write
        by * read

sasl-realm      rosetta
sasl-host       localhost
sasl-secprops   none

sasl-regexp uid=(.*),cn=.*,cn=.*,cn=auth
        cn=$1,ou=pam-ldap,dc=ayni,dc=com


My DIT has an entry for cn=suomi,ou=pam-ldap,dc=ayni,dc=com

 cn: suomi
 givenName: suomi
 objectClass: top
 objectClass: person
 objectClass: organizationalperson
 objectClass: inetorgperson
 sn: suomi
 userPassword: {SHA}3F0J9HvIdnzTDaIBp/a4ddwJ4kA=


My DIT has NO ENTRY for cn=peter,ou=pam-ldap,dc=ayni,dc=com

All the same the openldap server attributes me FULL CONTROL of the DIT when I
log in with SASL/DIGEST-MD5 using userid peter and the appropriate password.

If you consider this a feature rather than a bug, I would request to have such
behaviour well documented. 

Thank you very much

suomi

Prev by Date: Assertion failed in test020-syncreplication-cascading (ITS#2684)
Next by Date: errors on startup
Index(es):
- Chronological
- Thread