You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2013/07/01 22:25:51 UTC
[Bug 55178] New: [PATCH] mod_authnz_ldap SASL authentication support
https://issues.apache.org/bugzilla/show_bug.cgi?id=55178
Bug ID: 55178
Summary: [PATCH] mod_authnz_ldap SASL authentication support
Product: Apache httpd-2
Version: 2.5-HEAD
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_auth_ldap
Assignee: bugs@httpd.apache.org
Reporter: lubo.rintel@gooddata.com
Created attachment 30516
--> https://issues.apache.org/bugzilla/attachment.cgi?id=30516&action=edit
mod_authn_ldap: Allow authentication with SASL
There is not SASL support in mod_authnz_ldap and mod_ldap respectively.
The attachments (apply to development trunk) add SASL support to the extent
Kerberos authentication via GSSAPI mechanism can used. They are accompanied by
documentation (though I've sadly not been able to extend French language
version documentation for the modules):
* mod_authn_ldap: Allow authentication with SASL
The first patch adds a directive to specify the SASL mechanism. This alone is
not enough for much practical use (apart from anonymous binds, or credentials
supplied via other means, such as pre-initialized Kerberos credentials cache),
but lays foundation for sane extending. It would be easy to e.g. add PLAIN
authentication without hardcoding it, as is done in bug #51757.
* mod_authn_ldap: Allow specifying SASL interaction
This allows for running a command when SASL interaction is required to obtain
credentials. The actual conversation is very mechanism dependent (bug #51757 is
a good example how could it be extended for PLAIN mechanism), this just
delegates the work to a command. An example in documentation shows how to use
this to obtain Kerberos TGT to initialize credentials cache for GSSAPI
mechanism to succeed.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55178] [PATCH] mod_authnz_ldap SASL authentication support
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55178
Christophe JAILLET <ch...@wanadoo.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #30516|0 |1
is patch| |
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55178] [PATCH] mod_authnz_ldap SASL authentication support
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55178
Lubomir Rintel <lu...@gooddata.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |PatchAvailable
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55178] [PATCH] mod_authnz_ldap SASL authentication support
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55178
--- Comment #2 from Lubomir Rintel <lk...@v3.sk> ---
http://mail-archives.apache.org/mod_mbox/httpd-dev/201307.mbox/%3C201307140941.04198.sf@sfritsch.de%3E
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55178] [PATCH] mod_authnz_ldap SASL authentication support
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55178
Christophe JAILLET <ch...@wanadoo.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #30517|0 |1
is patch| |
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55178] [PATCH] mod_authnz_ldap SASL authentication support
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55178
--- Comment #1 from Lubomir Rintel <lu...@gooddata.com> ---
Created attachment 30517
--> https://issues.apache.org/bugzilla/attachment.cgi?id=30517&action=edit
mod_authn_ldap: Allow specifying SASL interaction
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 55178] [PATCH] mod_authnz_ldap SASL authentication support
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55178
David Hawes <dh...@vt.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dhawes@vt.edu
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org