From: Aleksandar Milivojevic (no email)
Date: Fri Mar 10 2006 - 14:04:29 EST
Quoting Igor Brezac <>:
> You need to configure proxy authorization in order for ldapdb to
> work. This is noted in the cyrus-sasl docs (options.html). If you
> have trouble configuring proxy authorization, I suggest you move this
> discussion to the openldap software list.
OK, I see... I'll try that and see what happens.
>> BTW, would it be possible to use simple bind with ldapdb cyrus-sasl
>> module? Simple bind ovar SSL/TLS would work for me. It would even
>> simplify things on LDAP server side since I wouldn't need to support
>> SASL on it.
>
> There may be some complexity on the openldap server side, but the
> client config becomes far more simple.
Yup. Which is good thing sometimes. Sometimes it isn't. The old way
with simple binds, I could have defined ldap_filter differently for
each client and have client check for additional (client specific)
attributes in order to authenticate user (basically combining
authentication and authorization into single operation).
-- See Ya' later, alligator! http://www.8-P.ca/ ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|