[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: EXTERNAL/ldap://127.0.0.1/



On Mon, 17 Mar 2003, Howard Chu wrote:

> > -----Original Message-----
> > From: owner-openldap-devel@OpenLDAP.org
> > [mailto:owner-openldap-devel@OpenLDAP.org]On Behalf Of Igor Brezac
>
> > What do you think about making EXTERNAL/ldap://127.0.0.1/
> > work the same as
> > EXTERNAL/ldapi:///?  Unix domain sockets on solaris are not
> > that great.
> > :(
>
> There is no mechanism for passing Unix credentials across an IP socket. The
> SASL/EXTERNAL mechanism requires that the external security layer
> communicates a user ID from the client to the server; you cannot do this over
> an IP socket without a protocol like Kerberos, SSL, etc...
>

I understand that, but I was wondering if loopback interface can be
treated the same as unix domain socket when it comes to EXTERNAL mech?  I
am running into performance and stability issue with ldapi on solaris.
;(

-- 
Igor