"Christopher R Key (Chris)" wrote: > Based on what Ian and Graham have mentioned, it doesn't see as though > the ldap proxy will be a complete proxy (like Innosoft's directory > access router). Am I mistaken?
Depends on your definition of "complete proxy". The standard "proxy" way of handling things seems simplistically to be: - open up a tcp connection to proxy - say GET <URL> HTTP/1.1 - say Host: <hostname:port>\n\n - Get some data back In the case of the LDAP proxy we simply now understand ldap: URLS in addition to http: and ftp: URLs as we do now. Exactly like with ftp: URLs, ldap: URLs that return multiple objects would be output in a standard way (eg LDIF) and could be processed by a filter into whatever you want. > Also, has any thought been given to how > non-anonymous ldap connections will be handled (if at all)? In theory you could handle it like this: ldap://user:[EMAIL PROTECTED]/foo... although the user:pass bit doesn't seem to be in the official LDAP URL spec when last I looked (I could be wrong). Another way of doing it is to define an config option for the binddn and bindpw that would be used to do the search. Regards, Graham -- ----------------------------------------- [EMAIL PROTECTED] "There's a moon over Bourbon Street tonight..."
smime.p7s
Description: S/MIME Cryptographic Signature
