Credential Cache Problem
Pankaj Mathur
agentman97 at hotmail.com
Thu Sep 1 13:58:19 EDT 2005
Hi,
I am using OpenLDAP-2.2.26 with Cyrus SASL-2.1.20.
The problem is that when I use DIGEST-MD5 binding with openldap, for a
particular user say - 'user1', then the first time it works; then if I use
'user1' again, it fails and says 'Invalid Credentials'. I checked the userid
and password, which are being sent correctly.
To get rid of this problem, I have to log in as a second user (say 'user2'),
and then if I use 'user1' again, it works.
This suggests that some kind of caching is happening at the SASL level.
How can I turn off this caching?
Please help!!
(Please also see the function calls being made in OpenLDAP below).
Thanks,
P.
----------------------------------------------------------------------------------------------------------------------------------------
I am using ldap_sasl_interactive_bind_s in the following way in a function
(which consists of just the code below):
    void* defaults = NULL;
    int rc = 0;

    /* Arguments after ld: mechanism, realm, authcid, password, authzid */
    defaults = lutil_sasl_defaults( ld,
                                    (char*) mechanism,
                                    NULL,
                                    (char*) dn,
                                    cred->bv_val,
                                    NULL );

    /* Bind; lutil_sasl_interact answers the SASL prompts from defaults */
    rc = ldap_sasl_interactive_bind_s( ld, (char*) dn, (char*) mechanism,
                                       NULL, NULL,
                                       LDAP_SASL_AUTOMATIC, lutil_sasl_interact,
                                       defaults );

    lutil_sasl_freedefs( defaults );
(When using DIGEST-MD5, it works fine for the first time within a process,
however when calling it again in a separate LDAP connection, it returns
"Invalid Credentials".)