LDAP draft-wahl-ldap-session

Arran Cudbard-Bell a.cudbardb at freeradius.org
Tue Jun 23 18:59:19 CEST 2015


> On Jun 23, 2015, at 12:45 AM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
> 
>> 
>> On 22 Jun 2015, at 16:22, Michael Ströder <michael at stroeder.com> wrote:
>> 
>> Arran Cudbard-Bell wrote:
>>> 
>>>> On Jun 22, 2015, at 3:38 PM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
>>>> 
>>>> 
>>>>> On Jun 22, 2015, at 3:25 PM, Michael Ströder <michael at stroeder.com> wrote:
>>>>> 
>>>>> HI!
>>>>> 
>>>>> Recently I appreciated very much that some LDAP clients send the Session Track
>>>>> Control [1] along with their LDAP requests. draft-wahl-ldap-session was
>>>>> written especially with RADIUS in mind. Any chance to see this implemented?
>>>> 
>>>> So, what would be the session identifier in the case of Authentication (which is when rlm_ldap is being called)?
>>> 
>>> Looks like it'd be username... Weird.
>>> I guess I can see the point.
>> 
>> Yes, I think so.
>> 
>>> Are you sure OpenLDAP implements the server portion of this?
>> 
>> Yes!
>> 
>> I also make use of it in my web2ldap and in a password self-service
>> application. It's nice to see the browser IP getting logged in syslog and even
>> in the accesslog DB (when using slapo-accesslog).
> 
> OK. Get to testing. v3.1.x branch only. Be sure to run at least 10k requests through it
> to check for memory leaks.

Looks like older versions of libldap had a messed up declaration in ldap.h. I've added a work around for it, so if it previously didn't build, it should now.

-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150623/5aa74d88/attachment-0001.sig>


More information about the Freeradius-Users mailing list