Hi there,

This is my first post on this list, please if be gentle if I make any mistake agains the list rules, but I think it will not be the case

Iam trying to use mod_authz_ldap in apache to authenticate users against an openldap directory which contains some fields from a X.509 users certificates.

Theres a subjetDN field on the directory that contains this data:

issuerDN: /C=PT/O=Cart\xC3\xA3o de Cidad\xC3\xA3o/OU=subECEstado/CN=EC de Aute
 ntica\xC3\xA7\xC3\xA3o do Cart\xC3\xA3o de Cidad\xC3\xA3o 0003

Its a base64 coded string, equivalent to "Cartão de Cidadão" and "Autenticação do Cartão de Cidadão 0003"

the problem is that, mod_authz_ldap is returning "bad search filter" when it tries to query the ldap directory with this data

Testing using ldapsearch I have exactly the same problem so I thing they are related:
if i make this search:

ldapsearch -x -h ****** -p 389 -D "cn=******" -w **** -s sub -b "ou=AuthzLDAPCertmap,dc=cm-lisboa,dc=pt" "(issuerDN=/C=PT/O=Cart\xC3\xA3o de Cidad\xC3\xA3o/OU=subECEstado/CN=EC de Autentica\xC3\xA7\xC3\xA3o do Cart\xC3\xA3o de Cidad\xC3\xA3o 0003)" I get the (-7) Bad Search Filter error

if i strip all the '\x' from the search filter, i dont get the error but of course it returns nothing as well.

Can somebody help me? how can i do this kind of search with ldapsearch and how can I use mod_authz_ldap when theres users outhere who has accented characters on their certificates??

Regards
Luis






Hotmail: Powerful Free email with security by Microsoft. Get it now.