[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL support in back-ldap & back-meta (ITS#3022)
>
>
>With CRAM-MD5, the native SASL
>authz doesn't work, i.e. the proxy remains bound with the administrative
>identity instead of authz'ing as the initial user.
>
I've added an (undocumented) parameter to the SASL auth which instructs
the proxy that the selected mech can do native authz. Use
idassert-method sasl [other params...] authz=native
otherwise, the proxy will fall back to the proxyauthz control applied to
each
operation.
p.
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497