[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: anonymous proxy and idassert-bind



Pierangelo Masarati wrote:
In this case, there seems to be a bug in identity assertion, which prevents mode=anonymous from working as expected. I suggest you file an ITS so that this bug gets tracked.
Partial correction: half of this bug is already fixed in HEAD/re23 code (and thus will be in 2.3.33). In fact, mode=anonymous now works as expected. What seems to be broken in mode=self when the connection is anonymous. In that case, the proxy should bind as the idassert binddn, and proxyauthz as anonymous, while it does bind without proxyauthz'ing.

p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------