I'm going to add a LDAP 'Verify Credentials' operation to
the client side
in OpenLDAP (as that's I'll I need). The operation behaves like LDAP Bind
excepting it has no impact upon the underlying LDAP session (no change to
the authorization associations, no change of layers, etc.). No spec yet,
want to have a working implementation first.
The operation is intended to be used by LDAP clients which are application
protocol servers to authenticate application protocol users. For
instance, a web server could authenticate it's users via this operation.
Multiple operations can be executed in parallel on a session. SASL can be
used. Could also be used by a DSA to authenticate users whose entries
(or complete entries) are not held by the DSA.
Wondering if there are any volunteers to implement the server side?
Should be relatively straight forward.
I can spare some time on this, hopefully. Is it OK if I start looking at
how request/response are encoded in the client library, or should I know
something more first?