At 09:34 AM 10/15/2005, Brian Candler wrote: >On Sat, Oct 15, 2005 at 09:01:59AM -0700, Kurt D. Zeilenga wrote: >> Passing the combined (TLS+SASL) SSF would be better. > >Is that conn->c_ssf (= conn->c_authz.sai_ssf)? Yes, but you should values in the Operation structure (likewise for other authorization factors). Kurt