[Date Prev][Date Next] [Chronological] [Thread] [Top]

rwm and sasl authz

I was wondering if it is a known issue that when using sasl authorization 
combined with the rewrite module, one doesn't have access to either the 
binddn or the authz dn. The rewrite context bindDN is only called when the 
client supplies a DN in the simple-bind fashion (-D when using ldapsearch). 

But if one uses a sasl mechanism (in order to use proxy auth for example) then 
the binding will happen with the result of the authz-regexp rewrite but this 
is not in a context of slapo-rwm, whose bindDN context sees whatever, if any, 
arbitrary bind DN the request contained (for example through -D).

Additionally there is no context regarding the authorization DN, which is 
pretty much a necessity if you plan on using authFrom and have remapped the 

Thank you,
Kostas Koukopoulos