[Date Prev][Date Next]
Re: SASL OTP and syncrepl
Pierangelo Masarati <firstname.lastname@example.org> wrote:
> I'm not a fan of OTP, but I believe this problem is worth being
> discussed not only with respect to OTP, but also because it may share
> issues with other auth methods where the directory stores auth-related
> data (like SASL auxprops).
> When everything is set up correctly, a client should not direct binds
> with this type of mech to a replica.
A simple solution in the single master situation is to redirect any SASL
OTP bind to the master. As far as I understand, we have no way of
configuring this right now, it needs at add some code, right?
The multi-master setup is much more complicated to get done right.