[Date Prev][Date Next] [Chronological] [Thread] [Top]

SuffixMassage and RewriteContext bindDN / Password Rewriting (2.2.23)



Hi all!

I'm trying to obfuscate the bind credentials for my LDAP proxy which have to put in cleartext in a world readable file. This lead me to two problems with the rewrite engine in the 2.2.23 LDAP backend:

1. SuffixMassage seems to work only as long as I don't add a "RewriteContext bindDN".

2. I want to use the rewrite engine to rewrite the password submitted by the client.


>From my slapd.conf...
------------------------------------------------------------------
database        ldap
suffix          ""

suffixmassage   "cn=proxy,dc=example,dc=com" "CN=ldap,CN=users,DC=foo,DC=bar"

uri             ldap://pdc.foo.bar
lastmod         off
rebind-as-user


rewriteEngine on
rewriteContext bindDN
rewriteRule     "^(.*)WORLDREADABLEPWD(.*)$" "%1ADSPWD%2" ":"
------------------------------------------------------------------


Any ideas?

Best regards
Tom



-- 
___________________________________________________
Play 100s of games for FREE! http://games.mail.com/