Hey, After the SASL "GSSAPI" method has authenticated gss_wrap is called with some data to be used with ldap_sasl_bind_s. This data is 1) a confidentiality and integrity bitmask, 2) the maximum buffer size accepted by the client, and 3) the "authorization identity".
What is the "authorization identity"? Is it a UPN or ...? Also, RFC 2222 and others claim the data must be padded to a multiple of 8 but I don't see that padding using ldapsearch with cyrus-sasl. Is there supposed to be padding or not? Mike -- Michael B Allen PHP Active Directory SSO http://www.ioplex.com/ ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
