[prev in list] [next in list] [prev in thread] [next in thread]
List: openldap-devel
Subject: Re: New tool
From: "Pierangelo Masarati" <ando () sys-net ! it>
Date: 2004-04-14 22:33:19
Message-ID: 64572.81.72.89.40.1081981999.squirrel () webmail ! sys-net ! it
[Download RAW message or body]
> At 09:26 AM 4/14/2004, Kurt D. Zeilenga wrote:
>>I have no problem with you committing such. Might be interesting to
>> extend the whoami test to use it. (Proxy authorization can
>>apply without use of SASL.)
>
> Not sure if your rewrite changes effects the syntax of
> saslAuthzTo/From attribute values, but if so, it would
> good to change these attributes' names, e.g.: authzTo/From.
Not directly. They just replace sasl-regexp, allowing more
sophisticate (e.g. recursive) rules, and (should) mimic the
existing behavior for backwards compatibility. I'll add the
"auth-regexp" directive, aliased by "sasl-regexp" for
compatibility.
>
> This would also reflect that they are not just for SASL.
> (e.g., can be used to support the proxy authorization control).
No problem; I note they're in the (evil) OID namespace of OpenLDAP,
so I guess we can change their specification.
p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic