[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: simple-auth to SASL mapping?

On Tue, 2008-01-08 at 21:06 +0100, Pierangelo Masarati wrote:
> Stefan Palme wrote:
> > Now I have some LDAP client applications that only support
> > simple authentication, but no SASL authentication. So I am
> > looking for a way to "map" simple authentication to SASL
> > authentication, e.g. when a user uses simple auth with
> > DN "cn=user1,ou=users,dc=domain,dc=com" this mechanism should
> > authenticate this user via SASL using username "user1"
> > and the provided password.
> > 
> > Is this possible?
> > 
> The only way I see, apart from writing a custom layer (an overlay) to
> slapd, consists in populating the database with the users' entries, and
> set their userPassword to "{SASL}<saslname>" and configure slapd's SASL
> to auth them accordingly.

Thanks for this hint - until now I did not know the "password format"
{SASL}. Will give it a try, because automatically creating a dummy LDAP
entry for each existing user from my external database should be


Dipl. Inf. (FH) Stefan Palme
email: kleiner@hora-obscura.de
www:   http://hbci4java.kapott.org
icq:   36376278
fax:   +49 1212 517956219
mobil: +49 178 3227887
key fingerprint: 1BA7 D217 36A1 534C A5AD  F18A E2D1 488A E904 F9EC