[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: checking for bound user

> -----Original Message-----
> From: owner-openldap-devel@OpenLDAP.org
> [mailto:owner-openldap-devel@OpenLDAP.org]On Behalf Of David Parker

> A follow-up question on the bound user:
> Once my overlay has bound a user, I want subsequent 
> operations (add,modify,etc) to be verify that the op->o_ndn 
> was bound with my overlay's method, i.e., I don't want a user 
> bound by another backend to be able to perform operations in 
> my overlay. I might be able to achieve the functionality I 
> want with ACLs, as well, but I wanted to check the 
> feasibility of this other approach.

The backend that performed the authentication for the current session is
recorded in conn->c_authz_backend. All you have to do is compare that against
your backend.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support 

<<attachment: winmail.dat>>