>From: Graham Barr [mailto:[EMAIL PROTECTED] >Sent: Thursday, March 03, 2005 7:05 PM >Thanks. Time has been short for me recently as I have been moving into >a new house. ...But now I am in my house and have broadband access >once again.
Congratulations on the new house. Long-live residential broadband! >OK. Actually this makes it even easier. We do not need the version >parameter. The user should be able to provide one of proxyDN >or AuthzId and the module will use the correct OID. > >Now my suggestion is: > > my $auth = Net::LDAP::Control::ProxyAuth->new( > proxyDN => 'cn=me,ou=people,o=myorg.com', # OID x.12 > ); > > my $auth = Net::LDAP::Control::ProxyAuth->new( > authzID => 'dn:cn=me,ou=people,o=myorg.com', # OID x.18 > ); > Much better. I like it. Seems obvious, now. :-) >We could even split AuthzId into uAuthzId and dnAuthzId and have the >module add the correct prefix. Sure. These params would be handy. Fewer sharp edges with which users may hurt themselves. >The real question is what we do in ::Constant. Do we have both or, as >the old one is out dated, just have the new OID and the control module >has the OID in it directly. ie Do we want the user to have access to >both as constants or just the latest. Personally I am leaning towards >just the latest but that would break any script which used the >constant directly instead of via the Control module. Yea, I agree. One [updated] constant seems cleaner. LDAP_CONTROL_PROXYAUTHENTICATION (2.16.840.1.113730.3.4.18) Perldoc'ing the OID change in Net::LDAP::Control::ProxyAuth.pm and spotlighting the change in the "Changes" file should mitigate the pain. Of course, this is easy for me to say. I'm not on the receiving end of the mailing list. :-) -David
