[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: proxyAuthz value encoding

On Mon, 2006-01-09 at 11:37 -0800, Kurt D. Zeilenga wrote:
> At 10:52 AM 1/9/2006, Pierangelo Masarati wrote:
> >> We have a proxyOld.c module that we bundle with Connexitor that handles
> >> part of the problem. It dynamically adds a new control handler that
> >> recognizes the obsolete OID and parses its values, then does the usual
> >> slap_sasl_authorized validation. I don't think supporting this obsolete
> >> spec in the mainline code is a good idea.
> >
> >My problem is different:
> But can you workaround problems with the brain-damaged new
> control by using the old control instead?

I need to check (it's not under my control; will ask and report).

In any case, the code in back-ldap would need to be modified to allow
config selecting what version of the control to send.  As soon as we can
obtain the desired effect, each option is fine for me.  In any case,
we'll need to find a solution but, for the sake of generality and to
reduce the maintenance burden, I'd prefer whatever solution to merge
into mainstream code (as much as we can consider mainstream a
specialized backend).


Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it