[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL LDAP plugin

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: RE: SASL LDAP plugin
From: "Howard Chu" <hyc@highlandsun.com>
Date: Sun, 16 Jun 2002 15:08:11 -0700
Cc: <openldap-devel@OpenLDAP.org>
Importance: Normal
In-reply-to: <5.1.0.14.0.20020616145530.023fac48@127.0.0.1>

> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]

> >> The control must be managed by the frontend (with calls into
> >> backend as needed)... there's no DN.

> >Right. Getting back to allowing this control to be meaningfully proxied
> >by back-ldap: we need to be able to query the remote server's
> mapping rules.
> >Perhaps they should be added to back-monitor. The back-ldap
> proxy could be
> >configured to fetch the rules at startup and feed them into the local
> >runtime configuration. Then the control will still be usable on the proxy
> >server.

> I rather have the proxy server use a "who is this?" extended operation
> in this case.

That makes sense for portability. But then we need to allow the original
request to carry a DN (e.g., the back-ldap suffix), or have some other
mechanism of getting back-ldap selected. We also need to tell the front-end
that it's OK if the front-end mapping operation gets no matches (treat as
no-op), and let the backend handle the control.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

Follow-Ups:
- RE: SASL LDAP plugin
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- RE: SASL LDAP plugin
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RE: SASL LDAP plugin
Next by Date: RE: SASL LDAP plugin
Index(es):
- Chronological
- Thread