Brad Nicholes offerd some thoughts yesterday that might help;
I don't think that the work has been done to use the Novell LDAP SDK
on any other platform other than NetWare. Mainly because the OpenLDAP
client SDK works just fine although it is correct that OpenLDAP does
not support the DER cert format. But this should not be a problem
when connecting to an eDir server because the eDir server will support
B64 as well. The certificate just needs to be exported from eDir in
B64 format so that it is compatible with OpenLDAP rather than DER
format.
Craig L. Ching wrote:
Hi Bill,
Thanks much for your response! Unfortunately, this is for a customer
and I need to get them up and running ASAP. With 2.1, would I have
something that is stable enough for a simple CGI application?
Cheers,
Craig
-----Original Message-----
From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 01, 2005 3:34 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Mod_auth_ldap and Novell e-dir
Craig - using only autodetection (don't force the .hnw file)
- I would suggest you try using the 2.1.8 alpha release when
it's announced in a few days. ldap was quite experimental on
2.2, and with ssl and starttls support, doubly so.
Bill
Craig L. Ching wrote:
Hi,
I'm trying to build an apache (2.0.54 on SunOS 7) that will
be able to
interface with Novell e-Directory to authenticate users using
mod_auth_ldap. I have a build that works using the
OpenLDAP libraries
and normal ldap://, but when we try to do the same thing using
ldaps://, I get errors that indicate that OpenLDAP doesn't
support the
DER encoding for the certificate.
So I was thinking of using the Novell LDAP SDK, but that doesn't
appear to be straight-forward. Using the following options:
--with-ldap=ldapsdk \
--with-ldap-include=/export/home/cching/novell/cldap_2005.07.18/includ
e
\
--with-ldap-lib=/export/home/cching/novell/cldap_2005.07.18/lib \
--enable-ldap=static \
--enable-auth-ldap=static \
I get the following compile error:
"util_ldap.c", line 1568: undefined symbol:
LDAP_OPT_X_TLS_CACERTFILE
So, delving into this a bit further, I see a preprocessor macro:
APR_HAS_NOVELL_LDAPSDK
That looks interesting. AFAICT, the only way to turn this on is by
using srclib/apr-util/include/apr_ldap.hnw for apr_ldap.h. Copying
that over gets me further, except that I get these link errors:
ild: (undefined symbol) ldapssl_init -- referenced in the
text segment
of modules/experimental/.libs/mod_ldap.a(util_ldap.o)
So, has anyone gotten the Novell LDAP SDK to work? Any other hints
for how I could go about making mod_auth_ldap work with
Novell e-Dir?
Thanks for any help!
Cheers,
Craig
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP
Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP
Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]