[Date Prev][Date Next]
RE: Modifying backend...
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of firstname.lastname@example.org
> What are the appropriate functions to use to e.g. get a particular
> from an entry -from within a backend- ?
> In our current production LDAP, we're running a custom
> authentication I hacked
> into the back-ldbm. I pull the username out of the DN, because it
> happens to
> be there. (don't ask. ;)
A beter way would be to add a scheme to liblutil/passwd.c. Another
alternative would be to use Cyrus SASL and add a module for your auth
mechanism to SASL.
> So, if I'm attempting to authenticate, I can locate the record,
> but the userid
> is no longer present in the DN, so I have to get an attribute.
> I've been digging through the back-end code and am pretty sure
> that I can get
> what I want from attr_find. Unfortunately all of the criteria and return
> values appear to be special BERish constructs. I haven't had much luck
> searching for the right helper functions to e.g. generate an
> AttributeDescription that means "use the attribute named 'uid'". I can
> construct one by hand, but that seems like I'd be doing it the stupid way.
Look at how slapd does it. See slap_str2ad() and slap_bv2ad() in ad.c.
> Can anyone point me at the right chunk of documentation or source
> that would
> make the tools available to do this more clear?
The source code *is* the documentation. Text documents can be misinterpreted
or out of date. Source code never lies.
> I've looked some at the other backends, and they seem to use lower-level
> functions to glean data, so should I really be doing LDBM calls and parsing
> the contents by hand? Ugh.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support