From: Graham B. <gb...@po...> - 2000-05-04 14:14:40
|
On Thu, May 04, 2000 at 02:49:22PM +0100, Chris Ridd wrote: > > > > > $br = $self->{ldap}->bind( $self->{mydn}, passwd => $self->{service} ); > > > > passwd is not a valid option, you need password. This will result in > > bind doing an anonymous bind. > > > > We need to catch this, but I do not want to add option name verification > > to all the methods as that will slow things down (too much IMO). > > > > Maybe an anonymous bind should be explicitly specified. ie none, password or sasl > > must be given and password => '' is illegal (it must be none) > > > > Does anyone have any thoughts ? > > That makes sense. Something like a 'method' parameter, with values > 'anonymous'/'none' (empty name + empty password), 'nameonly' (name + > empty password), 'simple' (name + password), or 'sasl' (erm, "stuff"). Hm, you mean split the method and password into two like method => 'sasl', password => $sasl method => 'anonymous' method => 'simple', password => $pass was just tinking of requiring one of sasl anon (none anonymous whatever) or simple to be passed. This gives compatability with the current syntax and gives checking too. Also a password of '' should probably not be allowed with simple. > The current default of 'none' should be kept. You mean anonymous bind if no method is given ? That would leave use where we are now if someone misspells method. I would rather requier a method parameter. Graham. |