[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: New tool

> At 09:26 AM 4/14/2004, Kurt D. Zeilenga wrote:
>>I have no problem with you committing such.  Might be interesting to
>> extend the whoami test to use it.  (Proxy authorization can
>>apply without use of SASL.)
> Not sure if your rewrite changes effects the syntax of
> saslAuthzTo/From attribute values, but if so, it would
> good to change these attributes' names, e.g.:  authzTo/From.

Not directly.  They just replace sasl-regexp, allowing more
sophisticate (e.g. recursive) rules, and (should) mimic the
existing behavior for backwards compatibility.  I'll add the
"auth-regexp" directive, aliased by "sasl-regexp" for

> This would also reflect that they are not just for SASL.
> (e.g., can be used to support the proxy authorization control).

No problem; I note they're in the (evil) OID namespace of OpenLDAP,
so I guess we can change their specification.


Pierangelo Masarati