[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3860) Referral chasing in back-ldap with rootdn

ando@sys-net.it wrote:
> The pseudo-root DN directive was a (partly broken) attempt to provide 
> some means to circumvent the need to accessing the remote server with a 
> valid identity instead of anonymously.  Back-ldap, in 2.3, has a much 
> more powerful means to assert identities, the "idassert" feature.  One 
> of its possible uses, which does not need the remote server to support 
> the proxyAuthz control, is to map selected identities on another 
> idenityt that is used to bind to the remote host.  I would consider 
> upgrading to 2.3 since it is unlikely tht any new feature is added to 2.2.
The "idassert" feature has been added to back-meta in HEAD code.  This 
ITS should be closed.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
Office:   +39.02.23998309
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it