[Date Prev][Date Next]
On Mon, 17 Mar 2003, Howard Chu wrote:
> > -----Original Message-----
> > From: owner-openldap-devel@OpenLDAP.org
> > [mailto:owner-openldap-devel@OpenLDAP.org]On Behalf Of Igor Brezac
> > What do you think about making EXTERNAL/ldap://127.0.0.1/
> > work the same as
> > EXTERNAL/ldapi:///? Unix domain sockets on solaris are not
> > that great.
> > :(
> There is no mechanism for passing Unix credentials across an IP socket. The
> SASL/EXTERNAL mechanism requires that the external security layer
> communicates a user ID from the client to the server; you cannot do this over
> an IP socket without a protocol like Kerberos, SSL, etc...
I understand that, but I was wondering if loopback interface can be
treated the same as unix domain socket when it comes to EXTERNAL mech? I
am running into performance and stability issue with ldapi on solaris.