[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP & Cyrus-SASL: how to specify mech_list

To: openldap-software@OpenLDAP.org
Subject: OpenLDAP & Cyrus-SASL: how to specify mech_list
From: Timo Felbinger <timo.felbinger@physik.uni-potsdam.de>
Date: Thu, 22 Sep 2005 18:21:16 +0200
Content-disposition: inline
Delivered-to: outfilter-openldap-software@OpenLDAP.org@relay
User-agent: Mutt/1.4.2i

Hello,

what is the correct way to specify the list of allowed SASL mechanisms,
in an OpenLDAP-server using Cyrus-SASL?

The cyrus-sasl documentation mentions the option mech_list, but I cannot
figure out where and how to specify this. Following some examples I found
on the net, I tried to include e.g.
  sasl-mech_list: PLAIN
into my slapd.conf, which I hoped would disable all SASL mechanisms but
PLAIN, but it didn't have any effect: the server still allowed me to
authenticate using e.g. EXTERNAL authentication.

I also tried to specify mech_list in a separate per-application config
file for the sasl library,
  /usr/lib/sasl2/slapd.conf
but this file does not even get accessed by the server.

What am I missing here?
And: is there a way to obtain from the server a complete list of
authentication mechanisms which it is willing to accept?


Thanks in advance,

Greetings,

Timo


-- 
Timo Felbinger                  <Timo.Felbinger@physik.uni-potsdam.de>
Quantum Physics Group           http://www.quantum.physik.uni-potsdam.de
Institut fuer Physik            Tel: +49 331 977 1793      Fax: -1767
Universitaet Potsdam, Germany   PGP key-id: E92567B2

Follow-Ups:
- Re: OpenLDAP & Cyrus-SASL: how to specify mech_list
  - From: Howard Chu <hyc@symas.com>
- Re: OpenLDAP & Cyrus-SASL: how to specify mech_list
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: Re: Replication problem
Next by Date: Re: OpenLDAP & Cyrus-SASL: how to specify mech_list
Index(es):
- Chronological
- Thread