Hello, I was wondering if it is a known issue that when using sasl authorization combined with the rewrite module, one doesn't have access to either the binddn or the authz dn. The rewrite context bindDN is only called when the client supplies a DN in the simple-bind fashion (-D when using ldapsearch).
But if one uses a sasl mechanism (in order to use proxy auth for example) then the binding will happen with the result of the authz-regexp rewrite but this is not in a context of slapo-rwm, whose bindDN context sees whatever, if any, arbitrary bind DN the request contained (for example through -D).
Additionally there is no context regarding the authorization DN, which is pretty much a necessity if you plan on using authFrom and have remapped the dit.
Thank you, Kostas Koukopoulos