[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: FW: programming using ldap api calls

To: "Ang, Melissa" <MAng@axsone.com>
Subject: RE: FW: programming using ldap api calls
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 08 Apr 2004 13:33:23 -0700
Cc: "Openldap Ldap Server (E-mail)" <openldap-software@OpenLDAP.org>
In-reply-to: <8B508C0CF15D4F4D82C9EA3B67B5274CECD30F@corpmx1.ctronsoft.c om>
References: <8B508C0CF15D4F4D82C9EA3B67B5274CECD30F@corpmx1.ctronsoft.com>

At 01:19 PM 4/8/2004, Ang, Melissa wrote:
>ldap can only talk to gssapi through sasl? isn't gssapi a lower level protocol. is it possible to directly use gssapi without having to implement sasl?

In the LDAP (and SASL) context, the term "GSSAPI" refers to a
particular SASL mechanism, which is a Kerberos V GSSAPI mechanism,
identified by the token "GSSAPI".  SASL supports a number of other
GSSAPI mechanisms, they are identified by other tokens.

It certainly possible to design a LDAP bind method (or a SASL
mechanism) which supported multiple GSSAPI mechanisms, but that
just isn't how its done today.

Kurt

References:
- RE: FW: programming using ldap api calls
  - From: "Ang, Melissa" <MAng@axsone.com>

Prev by Date: Solaris Replica Problem
Next by Date: Re: OpenLDAP fails on reboot
Index(es):
- Chronological
- Thread