On 6/5/07, Emmanuel Lecharny <[EMAIL PROTECTED]> wrote:
... This is where I don't understand. The LDP request specify thet the bind is SIMLPLE, not SASL, so I don't see a reason to pass through GSSAPI.May be I'm plain wrong, maybe then the PLAIN mechanism should be used, but I don't think this is the way to go. Can you elaborate a little bit?
Sorry, you confused me by including a snippet of the "props" bean from the Spring XML, so I thought this was related to the back-end bind. That a remote client attempts a SIMPLE bind and sees the warning about GSSAPI not being properly configured is simply because the GSSAPI principal is re-tried on EVERY bind until one is found. The idea was you'd see this warning and think "I need to obey the warning and add a service principal." This would allow you to add the principal and have it get used without restarting the server. I agree that seeing a GSSAPI warning on a remote SIMPLE bind is misleading. But, it is not the case that SIMPLE binds "pass through GSSAPI," only that binds are the trigger for re-checking the presence of a GSSAPI service principal. I can add a conditional to only re-try finding a GSSAPI principal with GSSAPI requests. Enrique
