On Tue, Sep 7, 2010 at 7:20 AM, <[email protected]> wrote: >> On Wed, Sep 1, 2010 at 7:33 PM, <[email protected]> wrote: >>>> On Wed, Sep 1, 2010 at 11:14 AM, Mustafa A. Hashmi <[email protected]> >>>> wrote: >>>>> On Wed, Sep 1, 2010 at 12:11 AM, Mustafa A. Hashmi >>>>> <[email protected]> >>>>> wrote: >>>>>> On Tue, Aug 31, 2010 at 9:31 PM, <[email protected]> wrote: >>>>> >>>>> I've uploaded the log file named: >>>>> mustafa-hashmi-20110901-slapd-backldap-log.txt to the incoming folder. >>>>> Please let me know if you need additional information. >>> >>> Thanks for the logs, I'll let you know. >> >> Great, thank you. >> >> Please note that when using code from HEAD, I cannot replicate the >> issue and all works perfectly. For testing, I pointed the same >> secondary system to the new primary (the secondary was still on >> 2.4.23-release). > > The logs you provide do not reveal anything specific; the fixes in HEAD > essentially address the issue that a retry under some circumstances could > result in reconnect anonymously a connection previously bound as some > specific identity. As a consequence, subsequent attempts to use proxied > authorization within identity assertion would fail because anonymous can > never authorize. Those fixes will likely be released in 2.4.24.
Thanks for looking into it. Testing code in HEAD I couldn't replicate the issue, so looking forward to the next release :) Mustafa.
