[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: EXTERNAL/ldap://

On Mon, 17 Mar 2003, Howard Chu wrote:

> > -----Original Message-----
> > From: owner-openldap-devel@OpenLDAP.org
> > [mailto:owner-openldap-devel@OpenLDAP.org]On Behalf Of Igor Brezac
> > What do you think about making EXTERNAL/ldap://
> > work the same as
> > EXTERNAL/ldapi:///?  Unix domain sockets on solaris are not
> > that great.
> > :(
> There is no mechanism for passing Unix credentials across an IP socket. The
> SASL/EXTERNAL mechanism requires that the external security layer
> communicates a user ID from the client to the server; you cannot do this over
> an IP socket without a protocol like Kerberos, SSL, etc...

I understand that, but I was wondering if loopback interface can be
treated the same as unix domain socket when it comes to EXTERNAL mech?  I
am running into performance and stability issue with ldapi on solaris.