I am using a CGI perl script to show users what the directory knows
about them that they are allowed to see. The way I do this is to
connect to the directory, find the cert the user presented to the
server, and proxying as the user. This worked fine, until we
switched to IPlanet 6 Directory server. Then the search for the
users cert failed.
The script grabs the cert the user presented, performs the
substitions required by RFC 2254, and sends it as a filter to the
Directory. It seems that how the directory handles binary data has
changed. I look in the diretories access logs, and everything in the
cert has been escaped. Is there any way to prevent this?