[
https://issues.apache.org/jira/browse/DIRAPI-105?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16259405#comment-16259405
]
Emmanuel Lecharny commented on DIRAPI-105:
------------------------------------------
So AFAIU, it's enough to send a {{BindRequest}} with the 'EXTERNAL' mechanism,
and an optional {{authzid}} parameter. The requirement would be that we have
already established a TLS session (there are other means by which the client
might be authenticated by the server, like IP-level security).
ATM, we could assume it's up to the server to determinate if SASL EXTERNAL
request is to be accepted or rejected.
Adding the associated code in the API is quite trivial, and I suggest we do it
quick. The real trouble would be for us to test this code, as {{ApacheDS}}
currently does not support TLS session, but that should not be a show-stopper.
> Implement the EXTERNAL SASL Bind mechanism
> -------------------------------------------
>
> Key: DIRAPI-105
> URL: https://issues.apache.org/jira/browse/DIRAPI-105
> Project: Directory Client API
> Issue Type: New Feature
> Affects Versions: 1.0.0-M2
> Reporter: Emmanuel Lecharny
> Fix For: 1.0.1
>
>
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
