
sasl proxy authorization and regexp



Hello!

I'm trying to configure SASL proxy authorization in my distributed directory.

I added the user uid=joao,cn=campusII,dc=ucb,dc=br in the SASL database (joao@ares.cesmic.ucb.br) and in the OpenLDAP tree. In the OpenLDAP entry, I added the saslAuthzTo attribute as below:

dn: uid=joao,cn=CampusII,dc=ucb,dc=br
changetype: modify
add: saslAuthzTo
saslAuthzTo: dn.regex:uid=.*,cn=CampusII,dc=ucb,dc=br

The ACLs allow read/write for everybody.

However, this regexp does not work. If I put

dn: uid=joao,cn=CampusII,dc=ucb,dc=br
changetype: modify
add: saslAuthzTo
saslAuthzTo: dn.regex:uid=fgoulart,cn=CampusII,dc=ucb,dc=br

the user Joao authorizes the user fgoulart. But when I try to use the regexp, joao does not authorize fgoulart.

Could anybody help me, please?

Thanks in advance,
Raissa