Re: SASL OTP and syncrepl

Pierangelo Masarati masarati@aero.polimi.it wrote:

I'm not a fan of OTP, but I believe this problem is worth being discussed not only with respect to OTP, but also because it may share issues with other auth methods where the directory stores auth-related data (like SASL auxprops).

When everything is set up correctly, a client should not direct binds with this type of mech to a replica.

A simple solution in the single master situation is to redirect any SASL OTP bind to the master. As far as I understand, we have no way of configuring this right now, it needs at add some code, right?

The multi-master setup is much more complicated to get done right.