[Date Prev][Date Next] [Chronological] [Thread] [Top]

sasl proxy authorization and regexp

To: <openldap-software@OpenLDAP.org>
Subject: sasl proxy authorization and regexp
From: "Raissa Dantas Freire de Medeiros" <raissad@ucb.br>
Date: Fri, 26 Mar 2004 10:04:26 -0300
Content-class: urn:content-classes:message
Thread-index: AcQTMt3qXu1o3HYBQRmazvFQKEo5Tw==
Thread-topic: sasl proxy authorization and regexp

Hello!

I'm trying to configure SASL proxy authorization in my distributed directory.

I added the user uid=joao,cn=campusII,dc=ucb,dc=br in SASL database (joao@ares.cesmic.ucb.br) and in OpenLDAP tree. In OpenLDAP entry, I added the saslAuthzTo attribute as bellow:

dn: uid=joao,cn=CampusII,dc=ucb,dc=br
changetype: modify
add: saslAuthzTo
saslAuthzTo: dn.regex:uid=.*,cn=CampusII,dc=ucb,dc=br

The ACLs allow read/write for everybody.

However, this regexp does not work. If I put

dn: uid=joao,cn=CampusII,dc=ucb,dc=br
changetype: modify
add: saslAuthzTo
saslAuthzTo: dn.regex:uid=fgoulart,cn=CampusII,dc=ucb,dc=br

the user Joao authorizes the user fgoulart. But when I try to use the regexp, joao does not authorizes fgoulart.

Could anybody help me, please?

Thanks in advance,
Raissa

Follow-Ups:
- Re: sasl proxy authorization and regexp
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: sasl proxy authorization and regexp
  - From: Tony Earnshaw <tonye@billy.demon.nl>

Prev by Date: Re: Is there an "official" Mozilla schema for OpenLDAP
Next by Date: Re: Is there an "official" Mozilla schema for OpenLDAP
Index(es):
- Chronological
- Thread