[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Priority or restriction of SASL mechanisms
You can control which mechanisms are available to a Cyrus SASL
enabled application via Cyrus SASL.... see Cyrus SASL docs
for how (and the Cyrus SASL list for help).
Kurt
At 10:20 AM 1/6/2005, John Morris wrote:
>Hi, all!
>
>Just got upgraded to 2.2 from 2.0. I'm using the FC3 RPMs. One
>behavioral change from 2.0 (which were modified RH RPMs from a couple
>years ago) is that when doing an ldapsearch, the default SASL mechanism
>is now MD5, whereas before it was GSSAPI (which is what I desire). If I
>add '-Y GSSAPI' to the ldapsearch commandline, GSSAPI works gorgeous.
>
>This seems a little strange since I haven't configured any MD5 mechanism
>(is any required?), and don't run saslauthd.
>
>I've hacked away the problem with an 'rpm -e --nodeps cyrus-sasl-md5'.
>Kinda nasty (why does the RH openldap RPM even depend on that package,
>anyway?).
>
>Is there a way to restrict the list of SASL mechanisms or to put a
>priority on them? Thanks for any advice.
>
> John