PTS & LDAP Take 3

2004-01-17 Thread Tim Pushor
I am assuming by the lack of response that no-one really cares (at least at this point) about LDAP group based authorization. I have determined that the way it's currently set up (the ldap ptloader) won't do what I want, so I am in the process of rewriting it for my needs. I am wondering if there

Re: PTS & LDAP Take 3

2004-01-17 Thread +archive . info-cyrus
On Sat, 17 Jan 2004, Tim Pushor wrote: > I am assuming by the lack of response that no-one really cares (at least > at this point) about LDAP group based authorization. Oh, I wouldn't go that far. I just think folks haven't gotten too deep into it yet. If you search the archive you'll see it wa

Re: PTS & LDAP Take 3

2004-01-17 Thread Tim Pushor
I have determined that the way it's currently set up (the ldap ptloader) won't do what I want, so I am in the process of rewriting it for my needs. Interesting. Why is that? (Not using it myself right now, but would like to at some point.) Because it relies on a user having multiple member

Re: PTS & LDAP Take 3

2004-01-17 Thread Igor Brezac
On Sat, 17 Jan 2004, Tim Pushor wrote: > > >>I have determined that the way it's currently set up (the ldap ptloader) > >>won't do what I want, so I am in the process of rewriting it for my needs. > >> > >> > > > >Interesting. Why is that? (Not using it myself right now, but would > >like to at s

Re: PTS & LDAP Take 3

2004-01-18 Thread Tim Pushor
Igor Brezac wrote: I do not see how this is going to work within cyrus context. You will need to change a lot more than just ptloader/ldap code for this to work. Perhaps I don't understand everything involved, but ptloader now just finds the user record via user-definable filter, and only c

Re: PTS & LDAP Take 3

2004-01-18 Thread Igor Brezac
On Sat, 17 Jan 2004, Tim Pushor wrote: > Igor Brezac wrote: > > >I do not see how this is going to work within cyrus context. You will > >need to change a lot more than just ptloader/ldap code for this to work. > > > > > > > Perhaps I don't understand everything involved, but ptloader now just >

Re: PTS & LDAP Take 3

2004-01-18 Thread Tim Pushor
Igor Brezac wrote: I see. I did not realize you were going to retrieve groups with another search filter. This should work. Yeah, I'm sure it will. I wish I could do it in one query though.. How often does the ptloader get called on? Will the pts cache here help at all? What exactly does

Re: PTS & LDAP Take 3

2004-01-18 Thread Igor Brezac
On Sun, 18 Jan 2004, Tim Pushor wrote: > > > Igor Brezac wrote: > > >I see. I did not realize you were going to retrieve groups with another > >search filter. This should work. > > > > > > > Yeah, I'm sure it will. I wish I could do it in one query though.. How You could use ldap_whoami() inst

Re: PTS & LDAP Take 3

2004-01-18 Thread Tim Pushor
Igor Brezac wrote: You could use ldap_whoami() instead of the first query. Where does that come from? You do not need to do anything with this. The identifier is passed to pts for canonicalization, the group is not validated. I don't see this in ldap.c. The identifier group

Re: PTS & LDAP Take 3

2004-01-19 Thread Rob Siemborski
On Sat, 17 Jan 2004, Igor Brezac wrote: > You'd be better off writing an ldap authorization module. Check > lib/auth_unix.c for an example. It is unclear that this is the case, as the advantage of using the ptloader format is that you can use a single ldap connection for all of the cyrus processe

Re: PTS & LDAP Take 3

2004-01-19 Thread Igor Brezac
On Mon, 19 Jan 2004, Rob Siemborski wrote: > On Sat, 17 Jan 2004, Igor Brezac wrote: > > > You'd be better off writing an ldap authorization module. Check > > lib/auth_unix.c for an example. > > It is unclear that this is the case, as the advantage of using the > ptloader format is that you can u

Re: PTS & LDAP Take 3

2004-01-23 Thread Sava Chankov
Tim Pushor wrote: No, ldap.c doesn't work for me at all. If there are no memberOf attributes, it dies and user authentication fails (!). I guess I could set up a test user and step through it, but I did see what was happening at least in my adaptation of ldap.c. Canonicalization (of a group) was

Re: PTS & LDAP Take 3

2004-01-23 Thread Igor Brezac
On Fri, 23 Jan 2004, Sava Chankov wrote: > Tim Pushor wrote: > > No, ldap.c doesn't work for me at all. If there are no memberOf > > attributes, it dies and user authentication fails (!). I guess I could > > set up a test user and step through it, but I did see what was happening > > at least in

Re: PTS & LDAP Take 3

2004-01-23 Thread Tim Pushor
Sava, Thanks, I had a quick look at what you had there. Looks good. Perhaps I won't have to reinvent the wheel. Thanks again, Tim Sava Chankov wrote: Tim Pushor wrote: No, ldap.c doesn't work for me at all. If there are no memberOf attributes, it dies and user authentication fails (!). I gues