[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL support in back-ldap & back-meta (ITS#3022)



>
>
>With CRAM-MD5, the native SASL
>authz doesn't work, i.e. the proxy remains bound with the administrative
>identity instead of authz'ing as the initial user.
>
I've added an (undocumented) parameter to the SASL auth which instructs
the proxy that the selected mech can do native authz.  Use

idassert-method sasl [other params...] authz=native

otherwise, the proxy will fall back to the proxyauthz control applied to 
each
operation.

p.



    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497