Hi Gabor,
On Fri, Jun 17, 2011 at 07:53:14AM +0200, Gabor Lekeny wrote:
> Dear all,
>
> The bind operation is quite complex in LDAP:
> http://tools.ietf.org/html/rfc4511#section-4.2
>
> It could be simple (anonymous or name/password authentication) or SASL. I
> only implemented anonymous bind because it is very simple and using other
> authentication send data must be encoded in ASN.1 syntax (
> http://en.wikipedia.org/wiki/Abstract_Syntax_Notation_One).
>
> I suggest 2 solutions for the problem:
> 1. modifying LDAP server ACLs to allow bind for anonymous (eg. openldap:
> http://www.openldap.org/doc/admin24/access-control.html)
> 2. changing the HAproxy code to accept resultCode 49: invalidCredentials (
> http://tools.ietf.org/html/rfc4513#section-5.1.3)
Thank you very much for all these details. Christopher, is it possible for you to do #1, or should we try to implement support for #2 ?
Regards,
Willy
Received on 2011/06/17 08:46
This archive was generated by hypermail 2.2.0 : 2011/06/17 09:00 CEST