On 2/27/07, Alex Karasulu <[EMAIL PROTECTED]> wrote:
Would be nice to get SASL setup for Apache Directory. Any idea if that's possible soon?
Yes, I think so. I'll put some more time into it this weekend. I'll go ahead and assign DIRSERVER-277 and DIRSERVER-278 to myself. Once GSSAPI is working, I could use some feedback as to what other SASL mechs we should support. I'll have some questions when we get to how to configure this. We'll want to make supportedSASLmechanisms configurable and determine how service and user principals are found. We've always just put them in ou=users but we'll want users vs service principals and we may even want multiple ou=users, say for dc=example,dc=com and dc=apache,dc=org if you have multiple partitions, for example. Also, we have issues with centralizing the enforcement of password policy and with both generating and provisioning Kerberos keys. I'll cover those separately in new emails. Enrique
