[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: sasl proxy authorization and regexp



see "sasl-authz-policy" in slapd.conf(5) to enable sasl authz.

p.

> Hello!
>
> I'm trying to configure SASL proxy authorization in my distributed
> directory.
>
> I added the user uid=joao,cn=campusII,dc=ucb,dc=br in SASL database
> (joao@ares.cesmic.ucb.br) and in OpenLDAP tree. In OpenLDAP entry, I
> added the saslAuthzTo attribute as bellow:
>
> dn: uid=joao,cn=CampusII,dc=ucb,dc=br
> changetype: modify
> add: saslAuthzTo
> saslAuthzTo: dn.regex:uid=.*,cn=CampusII,dc=ucb,dc=br
>
> The ACLs allow read/write for everybody.
>
> However, this regexp does not work. If I put
>
> dn: uid=joao,cn=CampusII,dc=ucb,dc=br
> changetype: modify
> add: saslAuthzTo
> saslAuthzTo: dn.regex:uid=fgoulart,cn=CampusII,dc=ucb,dc=br
>
> the user Joao authorizes the user fgoulart. But when I try to use the
> regexp, joao does not authorizes fgoulart.
>
> Could anybody help me, please?
>
> Thanks in advance,
> Raissa


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it