[Date Prev][Date Next] [Chronological] [Thread] [Top]

SuffixMassage and RewriteContext bindDN / Password Rewriting (2.2.23)

To: OpenLDAP-software@OpenLDAP.org
Subject: SuffixMassage and RewriteContext bindDN / Password Rewriting (2.2.23)
From: "Tom Mitchell" <tom_mitchell@mail.com>
Date: Wed, 09 Aug 2006 05:47:07 -0500
Content-disposition: inline

Hi all!

I'm trying to obfuscate the bind credentials for my LDAP proxy which have to put in cleartext in a world readable file. This lead me to two problems with the rewrite engine in the 2.2.23 LDAP backend:

1. SuffixMassage seems to work only as long as I don't add a "RewriteContext bindDN".

2. I want to use the rewrite engine to rewrite the password submitted by the client.


>From my slapd.conf...
------------------------------------------------------------------
database        ldap
suffix          ""

suffixmassage   "cn=proxy,dc=example,dc=com" "CN=ldap,CN=users,DC=foo,DC=bar"

uri             ldap://pdc.foo.bar
lastmod         off
rebind-as-user


rewriteEngine on
rewriteContext bindDN
rewriteRule     "^(.*)WORLDREADABLEPWD(.*)$" "%1ADSPWD%2" ":"
------------------------------------------------------------------


Any ideas?

Best regards
Tom



-- 
___________________________________________________
Play 100s of games for FREE! http://games.mail.com/

Follow-Ups:
- Re: SuffixMassage and RewriteContext bindDN / Password Rewriting (2.2.23)
  - From: Aaron Richton <richton@nbcs.rutgers.edu>
- Re: SuffixMassage and RewriteContext bindDN / Password Rewriting (2.2.23)
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: proxycache overlay behavior
Next by Date: Errors for specific ldapsearch uses / search filters
Index(es):
- Chronological
- Thread