From: Graham B. <gb...@po...> - 2002-06-11 08:04:42
|
On Tue, Jun 11, 2002 at 08:40:49AM +0100, Chris Ridd wrote: > On 10/6/02 11:11 pm, ma...@mj... <ma...@mj...> wrote: > > > Kerberos via LDAP should occur via SASL. I think some LDAP > > servers did native K4 before SASL. > > LDAPv2 had support for kerberos 4 in the bind operation. This support was > removed in LDAPv3, presumably with the expectation that you would want to do > it via a SASL mechanism instead. (Which makes sense.) > > Net::LDAP::ASN does not contain the ASN.1 for LDAPv2's kerberos 4 bind > choices any more, which explains the "not supported" claim :-) That is probbaly because when I changes to Convert::ASN1 I copied the ASN.1 from the LDAPv3 RFCs. But ->bind still supports the krb4 parameters. We could add the krb4 entries into the ASN if someone wants to use them. Graham. |