Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/man
diff options
context:
space:
mode:
authorArthur de Jong <arthur@arthurdejong.org>2008-06-14 13:31:30 +0200
committerArthur de Jong <arthur@arthurdejong.org>2008-06-14 13:31:30 +0200
commit8c589385f918cf7ef4e0d9d9982bba3865dbfee2 (patch)
treeed16564f974e0d3594af335747919cf95ce32d79 /man
parentbef987ec06c19ddb3f87c237e60b722941af568b (diff)
implement SASL authentication based on a patch by Dan White <dwhite@olp.net>
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@762 ef36b2f9-881f-0410-afb5-c4e39611909c
Diffstat (limited to 'man')
-rw-r--r--man/nss-ldapd.conf.5.xml61
1 files changed, 46 insertions, 15 deletions
diff --git a/man/nss-ldapd.conf.5.xml b/man/nss-ldapd.conf.5.xml
index 834029b..05661aa 100644
--- a/man/nss-ldapd.conf.5.xml
+++ b/man/nss-ldapd.conf.5.xml
@@ -176,11 +176,10 @@
<para>
Specifies the clear text credentials with which to bind.
This option is only applicable when used with <option>binddn</option> above.
- </para>
- <para>
- When binding to the directory using <acronym>SASL</acronym> or other
- authentication mechanisms apart from simple binds, this option is not
- used.
+<!-- WHEN SASL IS DOCUMENTED:
+ This option is only applicable when either the <option>binddn</option> or
+ <option>sasl_authcid</option> options are used.
+-->
</para>
</listitem>
</varlistentry>
@@ -194,32 +193,64 @@
<variablelist>
<varlistentry>
- <term><option>sasl_authid</option> <emphasis remap="I">AUTHID</emphasis></term>
+ <term><option>use_sasl</option> yes|no</term>
<listitem>
<para>
- Specifies the authorization identity to be used when performing <acronym>SASL</acronym>
- authentication.
+ Specifies whether <acronym>SASL</acronym> authentication should be used.
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><option>sasl_secprops</option> <emphasis remap="I">PROPERTIES</emphasis></term>
+ <term><option>sasl_mech</option> <emphasis remap="I">MECHANISM</emphasis></term>
<listitem>
<para>
- Specifies Cyrus <acronym>SASL</acronym> security properties. Allowed values are described
- in the
- <citerefentry><refentrytitle>ldap.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
- manual page.
+ Specifies the <acronym>SASL</acronym> mechanism to be used when
+ performing <acronym>SASL</acronym> authentication.
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><option>use_sasl</option> yes|no</term>
+ <term><option>sasl_realm</option> <emphasis remap="I">REALM</emphasis></term>
<listitem>
<para>
- Specifies whether <acronym>SASL</acronym> authentication should be used.
+ Specifies the <acronym>SASL</acronym> realm to be used when performing
+ <acronym>SASL</acronym> authentication.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>sasl_authcid</option> <emphasis remap="I">AUTHCID</emphasis></term>
+ <listitem>
+ <para>
+ Specifies the authentication identity to be used when performing
+ <acronym>SASL</acronym> authentication.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>sasl_authzid</option> <emphasis remap="I">AUTHZID</emphasis></term>
+ <listitem>
+ <para>
+ Specifies the authorization identity to be used when performing
+ <acronym>SASL</acronym> authentication.
+ Must be specified in one of the formats: dn:&lt;distinguished name&gt;
+ or u:&lt;username&gt;.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>sasl_secprops</option> <emphasis remap="I">PROPERTIES</emphasis></term>
+ <listitem>
+ <para>
+ Specifies Cyrus <acronym>SASL</acronym> security properties.
+ Allowed values are described in the
+ <citerefentry><refentrytitle>ldap.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ manual page.
</para>
</listitem>
</varlistentry>