[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: anonymous proxy and idassert-bind
Pierangelo Masarati wrote:
In this case, there seems to be a bug in identity assertion, which
prevents mode=anonymous from working as expected. I suggest you file
an ITS so that this bug gets tracked.
Partial correction: half of this bug is already fixed in HEAD/re23 code
(and thus will be in 2.3.33). In fact, mode=anonymous now works as
expected. What seems to be broken in mode=self when the connection is
anonymous. In that case, the proxy should bind as the idassert binddn,
and proxyauthz as anonymous, while it does bind without proxyauthz'ing.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------