[Date Prev][Date Next]
Re: Proxy Authorization and ldap_sasl_interactive_bind_s
At 08:40 AM 7/8/2003, email@example.com wrote:
>I've searched through the archives and also the Faq-O-Matic,
>but I can't find any answers to these questions.
>We're developing a ldap client that uses OpenLDAP 2.1 and proxy
>authorization. The only way I've found to do proxy authorization is
>with ldap_sasl_interactive_bind_s. In order to use
>ldap_sasl_interactive_bind_s I have to allocate a lutil_sasl_defaults
>structure, and I have to pass lutil_sasl_interact as a sasl interaction
>function. The lutil_sasl_defaults structure is defined in
>include/lutil_ldap.h and lutil_sasl_interact is in liblutil.a.
>Why isn't lutil_ldap.h and liblutil.a installed when the
>rest of openldap is installed?
-llutil is considered a private library of helper routines.
When lutil_sasl_interact was written, it was viewed as
specific to OpenLDAP shipped clients.
>Are there other ways to do proxy authorization that don't use
For SASL proxy authorization, the only alternative to
ldap_sasl_interactive_bind_s is to call ldap_sasl_bind()
directly... but that requires you to implement the
Alternatively to SASL proxy authorization, you can use the
LDAP proxy authorization control (on a per operation basis).