[Date Prev][Date Next]
RE: Newbie OpenLDAP-SASL question
At 11:45 PM 2002-02-14, Howard Chu wrote:
>Using "u:dn:cn=foo,..." is not legal. The docs say you must use either a
>"u:" prefix or a "dn:" prefix, you cannot use both at once. And as I noted
>in my previous message, the released code only allows a "u:" prefix. This
>considered a bug,
It's not a bug. 2.0 doesn't support SASL Proxy Authorization.
Since the user is not attempting a proxy authorization, the
authzid should be not-present/empty.
2.1 will support SASL Proxy Authorization. However, unless
the user is attempting proxy authorization, the user should
not specify an authzid.