Hi, all: Recently, I am tasked with implementing an SASL LDAP client in our printers. But I have little SASL knowledge so far, and hope you guys can help me with some questions.
1. Does SASL mechanism only affect the binding process? Or both the binding process and the searching process? My understanding is it only affects the binding stage. Please correct me if I am wrong. 2. Although simple binding is just one-round process, it seems SASL authentication takes one or more round trips between your LDAP client and the server. (The server may send a number of "challenges" to the client.) What are the challeges from the server? Can I furnish them with the request in just one round? 3. SASL binding/authentication usually needs a Kerberos ticket that comes afer a successeful Kerberos authentication. Before my LDAP client tries to do SALS binding with GSSAPI, How I can get the ticket and merge it into the request? Can the function ldap_sasl_bind_s() automatically retrieve it from GSSAPI library if it discovers that there is a ticket, or it need a manual retrieval? 4. Finally, if someone can provide some network traces that use SASL authentication, it would be greatly useful. If there is any code example to show how to use SASL binding with GSSAPI mechism, that will be invaluable. Looking forword to your help, Xu Qiang _______________________________________________ dev-tech-ldap mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-ldap
