[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP with GSSAPI problem

To: openldap-software@OpenLDAP.org
Subject: Re: OpenLDAP with GSSAPI problem
From: Turbo Fredriksson <turbo@bayour.com>
Date: 08 Aug 2003 09:44:24 +0200
In-reply-to: <000a01c35d0d$07a9c370$0e01a8c0@CELLO>
Organization: LDAP/Kerberos expert wannabe
References: <000a01c35d0d$07a9c370$0e01a8c0@CELLO>
User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7

Quoting "Howard Chu" <hyc@highlandsun.com>:

> As I already stated - saslRegexp mapping is a purely optional step.

I find this a very theoretical statement. True, but not in 'the real' world.

Why would you authenticate, if there's no need for it? You need this mapping
to be able to do ACL/ACI checking, and that's the only reason for authenticating
in the first place... If you don't need to check if you have access to something/
anything, there's no need to authenticate.. ?

Unless you use a ACL/ACI like 'by users ...' that is.

Follow-Ups:
- Re: OpenLDAP with GSSAPI problem
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- RE: OpenLDAP with GSSAPI problem
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: Re: OpenLDAP with GSSAPI problem
Next by Date: Re: OpenLDAP with GSSAPI problem
Index(es):
- Chronological
- Thread