https://issues.apache.org/bugzilla/show_bug.cgi?id=48505
charlie <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #13 from charlie <[email protected]> 2010-01-25 11:28:39 UTC --- Eric, it's not about ldapi, it's about the way Apache's broken AuthLDAPURL syntax is crippling systems by preventing easy access to underlying LDAP client libraries. You require this for syntax: transport://host host host host host:port/dn?filter this is not RFC compliant, you cannot embed multiple hosts like that. This is a hack and it's not a good one. It prevents many common and desirable configs. This is the right way to do it: transport://host:port/dn?filter transport://host:port/dn?filter transport://host:port/dn?filter It's the way OpenLDAP's code does it, it's the way PADL's code does it, it's the only way I know of that conforms to the relevant RFCs. The relevant RFCs were written by Kurt Zeilinga, and Kurt uses the form I've recommended in his own code. All the people complaining about failover not working are trying to use this well-known format which Apache does not support. In regards to ldapi, that is one single line of my previous post. I was trying to illustrate that a proper syntax will allow access to *everything* the client libraries provide, including ldapi. However, if that introduces confusion, please ignore the one single line that mentions ldapi, I did not mean to mislead you. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
