[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP & Cyrus-SASL: how to specify mech_list



Hello,

what is the correct way to specify the list of allowed SASL mechanisms,
in an OpenLDAP-server using Cyrus-SASL?

The cyrus-sasl documentation mentions the option mech_list, but I cannot
figure out where and how to specify this. Following some examples I found
on the net, I tried to include e.g.
  sasl-mech_list: PLAIN
into my slapd.conf, which I hoped would disable all SASL mechanisms but
PLAIN, but it didn't have any effect: the server still allowed me to
authenticate using e.g. EXTERNAL authentication.

I also tried to specify mech_list in a separate per-application config
file for the sasl library,
  /usr/lib/sasl2/slapd.conf
but this file does not even get accessed by the server.

What am I missing here?
And: is there a way to obtain from the server a complete list of
authentication mechanisms which it is willing to accept?


Thanks in advance,

Greetings,

Timo


-- 
Timo Felbinger                  <Timo.Felbinger@physik.uni-potsdam.de>
Quantum Physics Group           http://www.quantum.physik.uni-potsdam.de
Institut fuer Physik            Tel: +49 331 977 1793      Fax: -1767
Universitaet Potsdam, Germany   PGP key-id: E92567B2