[midPoint] connector-ldap and SASL-GSSAPI
Radovan Semancik
radovan.semancik at evolveum.com
Wed Jan 3 12:37:37 CET 2018
Hi,
SASL-GSSAPI support is mostly a matter of Apache Directory API. That is
the LDAP API that the connector is using. I'm not entirely sure whether
the API supports SASL-GSSAPI. What I can tell for sure is that I'm not
aware of any midPoint deployment that is using that. Anyway, even if it
is supported by the directory API it was never tested with midPoint LDAP
connector. Therefore it is likely that some connector code changes will
be needed. And from my experience there is a slight chance that even
Apache Directory API changes might be needed to fully support your
use-case. We will gladly accept pull request in case you have the
capacity to make the code changes. Otherwise I can recommend to purchase
midPoint platform subscription which is designed to address such issues.
--
Radovan Semancik
Software Architect
evolveum.com
On 01/03/2018 12:02 AM, Christopher Hoskin wrote:
> According to the documentation [1], the LDAP Connector should support
> SASL-GSSAPI as an authentication type.
>
> I was wondering if this has actually been implemented? Looking at the
> code [2],[3], it's not obvious to me that setting authenticationType
> to SASL-GSSAPI actually has any affect. From a quick scan of [4], I
> was expecting to find a call to bindSaslGssApi or bindSasl.
>
> Is the use of this authenticationType documented anywhere?
>
> Thanks.
>
> [1] https://wiki.evolveum.com/display/midPoint/LDAP+Connector+Migration
> [2] https://github.com/Evolveum/connector-ldap/search?l=Java&q=sasl
> [3]
> https://github.com/Evolveum/connector-ldap/search?l=Java&q=authenticationType
> [4] http://directory.apache.org/api/user-guide/5.3-sasl-bind.html
>
> Christopher Hoskin
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20180103/7fa6f494/attachment.htm>
More information about the midPoint
mailing list