[Date Prev][Date Next]
Re: New tool
> At 09:26 AM 4/14/2004, Kurt D. Zeilenga wrote:
>>I have no problem with you committing such. Might be interesting to
>> extend the whoami test to use it. (Proxy authorization can
>>apply without use of SASL.)
> Not sure if your rewrite changes effects the syntax of
> saslAuthzTo/From attribute values, but if so, it would
> good to change these attributes' names, e.g.: authzTo/From.
Not directly. They just replace sasl-regexp, allowing more
sophisticate (e.g. recursive) rules, and (should) mimic the
existing behavior for backwards compatibility. I'll add the
"auth-regexp" directive, aliased by "sasl-regexp" for
> This would also reflect that they are not just for SASL.
> (e.g., can be used to support the proxy authorization control).
No problem; I note they're in the (evil) OID namespace of OpenLDAP,
so I guess we can change their specification.