On 06/20/2013 02:41 PM, Eric Covener wrote:
On Thu, Jun 20, 2013 at 8:33 AM, Jan Kaluža <jkal...@redhat.com> wrote:
On 06/20/2013 02:25 PM, Eric Covener wrote:
Do you think we should tolerate an error turning referrals off?
That's good point.
I'm not ldap expert, but I would say we should not tolerate that. Admin has
to explicitly disable referrals and if he does that, he probably has some
reason why to do it.
But if someone more experienced thinks we should tolerate that error, I'm
not against.
I'm only concerned with someone who was getting by with LDAPReferrals
OFF because the default gave their SDK an error. Now OFF would be
fatal too.
But it's not so easy to do a separate "default" option because other
parts of the code need to know if referrals are being chased.
In this case I think we could change the patch to not call
ldap_set_option for referrals at all unless the admin specifies the
value in config file. I mean to define AP_LDAP_CHASEREFERRALS_UNSET and
if the ldc->chaseReferrals == AP_LDAP_CHASEREFERRALS_UNSET, then do
nothing. I can submit patch like that tomorrow.
This should be good for everyone, right?
Regards,
Jan Kaluza
