[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL support in back-ldap & back-meta (ITS#3022)

>With CRAM-MD5, the native SASL
>authz doesn't work, i.e. the proxy remains bound with the administrative
>identity instead of authz'ing as the initial user.
I've added an (undocumented) parameter to the SASL auth which instructs
the proxy that the selected mech can do native authz.  Use

idassert-method sasl [other params...] authz=native

otherwise, the proxy will fall back to the proxyauthz control applied to 


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497