老玉米:
holly,前几天争论的ldap sasl auth mechanism问题,你说的实现方式可能使不对的
[阅读: 493] 2005-08-12 07:16:28
实际上你说的那种方式使客户端用的。
而在服务段,实际上就是用登记一个单独的pre-operation plugin的方式来实现的。。
看看sun得文档里的描述,虽然这文档说的是Netscape Directory Server 3.0 ,但我想实现的方式应该是一样的。
Supporting SASL on the Server
If you are running Netscape Directory Server 3.0 or later, you can write your own server plug-in to handle SASL authentication.
This pre-operation bind plug-in uses a registered SASL mechanism to
get information from a SASL bind request
create and send a SASL bind response back to the client.
This response can take the form of a challenge requiring an answer from the client, an error message, or a success message indicating that authentication is complete.
For more information on how to write this plug-in, see "Defining Functions for Authentication" in the Netscape Directory Server Plug-In Programmer's Guide.
For more information on SASL mechanisms, see "For More Information" at the end of this chapter.
民主不同于专制,不需要强加于人。--- 賴斯
大道之行也,天下为公,选贤与能,讲信修睦。故人不独亲其亲,不独子其子,使老有所终,壮有所用,幼有所长,矜、寡、孤、独、废疾者,皆有所养。男有分,女有归。货恶其弃於地也,不必藏於己;力恶其不出於身也,不必为己。是故,谋闭而不兴,盗窃乱贼而不作,故外户而不闭,是谓大同。--《礼运·大同篇》