[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS-based authentication?






Hi Stephen,

After setting up my server and clients to provide TLS/SSL connections, I
went about setting up SASL and the EXTERNAL mechanism to use the same
configuration to authenticate the client.  I have LDAP clients working from
command line and I'm close to having it work from inside my app
(ldap_sasl_interactive_bind_s() using EXTERNAL).

I suggest to anyone else who tries this to upgrade to SASLv2 and the latest
OpenLDAP.

Cheers,
Kent Soper

"You don't stop playing because you grow old ...
       you grow old because you stop playing."

Linux Technology Center, Linux Security
tie line:     678-9216
external:  1-512-838-9216
e-mail:  dksoper@us.ibm.com




                                                                                                                                     
                      Stephen Frost                                                                                                  
                      <sfrost@snowman.net>             To:       openldap-software@OpenLDAP.org                                      
                      Sent by:                         cc:                                                                           
                      owner-openldap-software@O        Subject:  TLS-based authentication?                                           
                      penLDAP.org                                                                                                    
                                                                                                                                     
                                                                                                                                     
                      06/26/2003 11:17 AM                                                                                            
                                                                                                                                     
                                                                                                                                     




Hey all,

  Any of you folks using TLS-based authentication?  Where you're
  actually using TLS to perform your authentication to slapd?  (Not just
  encryption and whanot).

  The reason I ask is that it would be difficult to support that using
  GNU TLS in place of OpenSSL and we're wondering how much interest
  there is for it.

   Thanks,

  Stephen



#### C.DTF has been removed from this note on June 26, 2003 by Kent Soper