On Fri, Mar 19, 2010 at 1:27 PM, masarati@aero.polimi.it wrote:
Hi,
I am still trying to make an sasl bind. Now I use ldap_sasl_bind_s with 'CRAM-MD5'. The server sends a 'LDAP_SASL_BIND_IN_PROGRESS' back, but as far as I can see the server cred are empty. How do I make the next call with ldap_sasl_bind_s?
In the documentation I have seen that the use of ldap_sasl_bind is not recommended as client use, instead the ldap_sasl_interactive_bind_s should be preferred. Has anyone a working example of how to use this method, or some api doc? I have no clue how to set 'flags' the LDAP_SASL_INTERACT_PROC, an the 'defaults' params..
You first say that you're using ldap_sasl_bind_s(), and then you note that ldap_sasl_bind() is not recommended. Do you realize that despite some similarities in the name, the two functions are profoundly different? By no means ldap_sasl_bind_s() can return LDAP_SASL_BIND_IN_PROGRESS.
Yes, I know that those methods behave differently - as I have read in the docs, I just search for the simplest alternative as possible for ldap_simple_bind, since I have seen that the ldap_simple_bind methods are deprecated.
Nevertheless ldap_sasl_bind_s returns LDAP_SASL_BIND_IN_PROGRESS which I understand as a challenge which should be returned back to the server. This one seems to had a similiar issue: http://bit.ly/awT4D4
But I think I have to look at the examples for better understanding - thx for the tip!
ldap_sasl_bind_s() can be used, passing LDAP_SASL_SIMPLE, in lieu of ldap_simple_bind_s(). ldap_sasl_interactive_bind_s(), only need to be used for those methods that require multiple steps; LDAP_SASL_BIND_IN_PROGRESS indicates that a further step is expected, which never happens when performing a simple bind. See the code snippet in slap_client_connect(), in servers/slapd/config.c for a complete example of how both functions can be used in the most complete form.
p.
Thx a lot!
On Fri, Mar 19, 2010 at 8:14 PM, masarati@aero.polimi.it wrote:
On Fri, Mar 19, 2010 at 1:27 PM, masarati@aero.polimi.it wrote:
Hi,
I am still trying to make an sasl bind. Now I use ldap_sasl_bind_s with 'CRAM-MD5'. The server sends a 'LDAP_SASL_BIND_IN_PROGRESS' back, but as far as I can see the server cred are empty. How do I make the next call with ldap_sasl_bind_s?
In the documentation I have seen that the use of ldap_sasl_bind is not recommended as client use, instead the ldap_sasl_interactive_bind_s should be preferred. Has anyone a working example of how to use this method, or some api doc? I have no clue how to set 'flags' the LDAP_SASL_INTERACT_PROC, an the 'defaults' params..
You first say that you're using ldap_sasl_bind_s(), and then you note that ldap_sasl_bind() is not recommended. Do you realize that despite some similarities in the name, the two functions are profoundly different? By no means ldap_sasl_bind_s() can return LDAP_SASL_BIND_IN_PROGRESS.
Yes, I know that those methods behave differently - as I have read in the docs, I just search for the simplest alternative as possible for ldap_simple_bind, since I have seen that the ldap_simple_bind methods are deprecated.
Nevertheless ldap_sasl_bind_s returns LDAP_SASL_BIND_IN_PROGRESS which I understand as a challenge which should be returned back to the server. This one seems to had a similiar issue: http://bit.ly/awT4D4
But I think I have to look at the examples for better understanding - thx for the tip!
ldap_sasl_bind_s() can be used, passing LDAP_SASL_SIMPLE, in lieu of ldap_simple_bind_s(). ldap_sasl_interactive_bind_s(), only need to be used for those methods that require multiple steps; LDAP_SASL_BIND_IN_PROGRESS indicates that a further step is expected, which never happens when performing a simple bind. See the code snippet in slap_client_connect(), in servers/slapd/config.c for a complete example of how both functions can be used in the most complete form.
p.
On Fri, Mar 19, 2010 at 9:04 PM, Thilko Richter thilko.richter@googlemail.com wrote:
Thx a lot!
On Fri, Mar 19, 2010 at 8:14 PM, masarati@aero.polimi.it wrote:
On Fri, Mar 19, 2010 at 1:27 PM, masarati@aero.polimi.it wrote:
Hi,
I am still trying to make an sasl bind. Now I use ldap_sasl_bind_s with 'CRAM-MD5'. The server sends a 'LDAP_SASL_BIND_IN_PROGRESS' back, but as far as I can see the server cred are empty. How do I make the next call with ldap_sasl_bind_s?
In the documentation I have seen that the use of ldap_sasl_bind is not recommended as client use, instead the ldap_sasl_interactive_bind_s should be preferred. Has anyone a working example of how to use this method, or some api doc? I have no clue how to set 'flags' the LDAP_SASL_INTERACT_PROC, an the 'defaults' params..
You first say that you're using ldap_sasl_bind_s(), and then you note that ldap_sasl_bind() is not recommended. Do you realize that despite some similarities in the name, the two functions are profoundly different? By no means ldap_sasl_bind_s() can return LDAP_SASL_BIND_IN_PROGRESS.
Yes, I know that those methods behave differently - as I have read in the docs, I just search for the simplest alternative as possible for ldap_simple_bind, since I have seen that the ldap_simple_bind methods are deprecated.
Nevertheless ldap_sasl_bind_s returns LDAP_SASL_BIND_IN_PROGRESS which I understand as a challenge which should be returned back to the server. This one seems to had a similiar issue: http://bit.ly/awT4D4
But I think I have to look at the examples for better understanding - thx for the tip!
ldap_sasl_bind_s() can be used, passing LDAP_SASL_SIMPLE, in lieu of ldap_simple_bind_s(). ldap_sasl_interactive_bind_s(), only need to be used for those methods that require multiple steps; LDAP_SASL_BIND_IN_PROGRESS indicates that a further step is expected, which never happens when performing a simple bind. See the code snippet in slap_client_connect(), in servers/slapd/config.c for a complete example of how both functions can be used in the most complete form.
I now use ldap_sasl_bind and parse the result with ldap_result and ldap_parse_result. I get a LDAP_AUTH_METHOD_NOT_SUPPORTED. I have existing supportedSASLMechanisms properties on the entry, but I dont now which value I have to set for simple bind, PLAIN?
Thilko
p.
openldap-technical@openldap.org