Opened 3 years ago
Closed 2 years ago
#1486692 closed Feature Patches (fixed)
LDAP SASL bind and proxy authentication
| Reported by: | andi | Owned by: | alec |
|---|---|---|---|
| Priority: | 5 | Milestone: | 0.6-beta |
| Component: | LDAP connection | Version: | 0.4-beta |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Similar to #1486690, necessary for #1486689.
- SASL authentication is enable when no 'bind_dn' has been specified, LDAPv3 is in use and 'user_specific' is enabled.
- the SASL mechanism can be specified as "auth_method". To use proxy-auth, do not set this to "PLAIN" or "CRAM-MD5".
- authcid: used to specify a SASL user for authentication. This is _not_ the accounts DN but a SASL user ID, for OpenLDAP, appropriate sasl account mappings need to be specified. The authcid account must be allowed to assume the users identity.
- bind_user : can be used fo format the users SASL login. When autzhcid is set, default is '%u'
Attachments (1)
Change History (3)
Changed 3 years ago by andi
comment:1 Changed 2 years ago by alec
- Milestone changed from later to 0.6-beta
- Owner set to alec
comment:2 Changed 2 years ago by alec
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
Applied in [4d982d38].