On 8/6/07, Smith, Matt <[EMAIL PROTECTED]> wrote: > Good analysis - makes sense to me. Phil and I seem to be of the same > opinion that adding LDAP-specific functionality to mod-auth-cas would > not be a good idea. Does Apache 2.2's mod-authnz-ldap really allow > better separation, such that it can do a correct search of LDAP to find > a DN from REMOTE_USER during the AuthZ phase? If so, it would seem this > is preferential.
I confirmed that Apache 2.2's mod_authnz_ldap does permit finding a DN from REMOTE_USER during AuthZ. I agree that adding LDAP functionality to mod_auth_cas is not a good idea. Thanks for your help. Josh Kelley _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
