[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACLs

To: Wil Cooley <wcooley@nakedape.cc>
Subject: Re: ACLs
From: Turbo Fredriksson <turbo@bayour.com>
Date: 15 Mar 2001 17:00:29 +0100
Cc: Alexander Brinkman <a.brinkman@avades.nl>, openldap-software@OpenLDAP.org
In-reply-to: Wil Cooley's message of "Wed, 14 Mar 2001 12:39:30 -0800"
Organization: LDAP/Kerberos expert wannabe
References: <001001c0ac96$97762c70$460897c2@avtest.dev> <20010314123930.H32352@rheingold.nakedape.priv>
User-agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7

>>>>> "Wil" == Wil Cooley <wcooley@nakedape.cc> writes:

    Wil> Thus spake Alexander Brinkman:
    >> Here I go again :)
    >> 
    >> Everything with SASL and openLDAP is working now, except for
    >> the ACLs (I think). I understand that there is no direct
    >> relationship between SASL users (in Kerberos or SASLdb) and
    >> LDAP users (uid=xxx,ou=People,dc=domain,dc=org for
    >> instance). But in that case: whats the point of authentication
    >> with SASL?

    Wil> I'd like to know the answer to this question too...  I've so
    Wil> far avoided using SASL because I haven't taken the time to
    Wil> understand it.

Have a look at the following URL. I think I got it (roughly right):
http://www.bayour.com/kerberos/Kerberos-MiniHOWTO.html#why-sasl


-- 
 Turbo     __ _     Debian GNU     Unix _IS_ user friendly - it's just 
 ^^^^^    / /(_)_ __  _   ___  __  selective about who its friends are 
         / / | | '_ \| | | \ \/ /   Debian Certified Linux Developer  
  _ /// / /__| | | | | |_| |>  <  Turbo Fredriksson   turbo@tripnet.se
  \\\/  \____/_|_| |_|\__,_/_/\_\ Stockholm/Sweden

Follow-Ups:
- RE: ACLs
  - From: "Tarjei Huse" <tarjei@nu.no>

References:
- ACLs
  - From: a.brinkman@avades.nl (Alexander Brinkman)
- Re: ACLs
  - From: Wil Cooley <wcooley@nakedape.cc>

Prev by Date: ldbm2ldif
Next by Date: "attribute not allowed" error
Index(es):
- Chronological
- Thread