[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Accessing LDAP attributes inside slapd

>>>>> "Ganesan" == Ganesan R <rganesan-ldap@myrealbox.com> writes:

>>>>> "Mark" == Mark Adamson <adamson@andrew.cmu.edu> writes:

>> Look at the connection_internal_open() function in
>> servers/slapd/connection.c.  I needed to do something similar to what you
>> are doing when I was working on the SASL authorization code.

> Thanks. This looks like exactly what I need. I was wondering yesterday how
> SASL integration with secrets in the database will go about doing this and
> you already gave me the answer :-).

>> The *conn and *ldp are filled in with the Connection info you need for
>> backend searches and an *LDAP handle to use for reading back the search
>> results with the clientside LDAP libraries. Parameter *id is the NDN that
>> you want to claim to be on the "client" end of the connection.

> I am looking at your code in slapd/saslauthz.c to understand how to do
> this. 

Looking at slap_sasl_check_authz() it appears that you can directly call
backend_attribute() _without_ any connection or operation information to get
attribute values. Can I rely on this?