Skip to content
Snippets Groups Projects

ITS#10165 back-meta fails to bind to target when proxying an internal operation

ITS#10165 back-meta fails to bind to target when proxying an internal operation
Merged Nadezhda Ivanova requested to merge nivanova/openldap:its10165 into master

For some reason meta would skip calling meta_back_proxy_authz_cred if op->o_do_not_cache is set. This is redundant, since meta_back_proxy_authz_cred does have a check for this. When meta_back_proxy_authz_cred is skipped, the dn/cred combo is not initialized correctly, and instead of the proper sasl bind, meta attempts an anonymous bind, with dn, which the target server rejects. Invoking meta_back_proxy_authz_cred makes meta behave exactly like back-ldap in the same scenario, which seems to be the correct behavior.

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
Please register or sign in to reply
Loading