Howard Chu wrote:
> The rebind-as-user option was originally only used when chasing referrals. With
> the current code, your choices are to use proxyAuthz to assert a user identity
> on reconnect, or simply fail instead of reconnecting. Personally I'd lean towards
> the latter. For shared connections retrying is still appropriate, because we only
> share connections for special cases, like rootdn usage where we already know we
> can establish the correct credentials.
Ok, thanks.
I would like to work on this issue (in the context of [1]).
To summarize my understanding: when the proxy currently would retry a non-shared
connection, it can fail instead and disconnect the client. The client can then continue by
re-establishing the connection and binding again.
--
Tero
[1] https://bugs.openldap.org/show_bug.cgi?id=9468