I see that php 5.0.2 has added the ldap_sasl_bind function. I compiled
php-5.0.2 against our OpenLDAP w/ SASL support libraries, and went ahead to
give it a whirl:
#!/usr/local/bin/php
?php
$ds = ldap_connect(ldap-test3.stanford.edu);
if($ds) {
$r = ldap_sasl_bind($ds);
} else {
echo Unable to connect!;
}
?
However, what I get back is:
bWarning/b: ldap_sasl_bind() [a
href='function.ldap-sasl-bind'function.ldap-sasl-bind/a]: Unable to bind
to server: Not Supported in
b/afs/ir.stanford.edu/users/q/u/quanah/cgi-bin/test.cgi/b on line
b5/bbr /
In looking at the php 5.0.2 code I see:
if ((rc = ldap_sasl_interactive_bind_s(ld-link, NULL, NULL, NULL,
NULL, LDAP_SASL_QUIET, _php_sasl_interact, NULL)) != LDAP_SUCCESS) {
This line seems a bit bogus to me -- All those nulls mean that a valid SASL
Mechanism is never specified to bind as.
For example, in perl, I've used:
ldap_sasl_interactive_bind_s($self-{ld}, $dn, $pass,
$self-{saslmech}, $self-{saslrealm},
$self-{saslauthzid}, $self-{saslsecprops},
$self-{saslflags});
(Note that for SASL/GSSAPI, the $dn $pass can safely be ignored, as it is
my K5 credentials that determine my DN anyhow).
Is this feature expected to work yet?
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
