Tom Mitchell wrote:
Hi all!
I'm trying to obfuscate the bind credentials for my LDAP proxy which have to
put in cleartext in a world readable file. This lead me to two problems with
the rewrite engine in the 2.2.23 LDAP backend:
1. SuffixMassage seems to work only as long as I don't add a "RewriteContext
bindDN".
"Suffixmassage" is a helper to provide a shortcut configuration of DN
rewriting that simply rewrites the naming context of all DNs back and
forth. If you need more specific rules, you'll likely need to give up
"suffixmassage" and do all the rewriting yourself, because the order of
the rewrite statements does matter.
2. I want to use the rewrite engine to rewrite the password submitted by the
client.
This is not possible: rewriting is limited to DNs and DN-valued
attributes, so you're following the wrong trail.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: [EMAIL PROTECTED]
------------------------------------------
