[Melbourne-pm] Net::LDAPS usage
Brendon Oliver
brendon.oliver at gmail.com
Sun Sep 25 16:42:18 PDT 2016
Greetings all,
I'm working on a rather old mod-perl (yes, apache 1.3) application which
has a substantial dependency on a directory server elsewhere on the
network, so uses Net::LDAP for all connections & directory searches. Most
connections use anonymous binds on-demand when performing a lookup against
the directory.
Anyway, the existing directory server is being retired and its replacement
requires secure, authenticated connections meaning a switch to using
Net::LDAPS to enable the secure connection. Problem is, I'm a little
concerned about the following comment in the BUGS section of the Net::LDAPS
pod:
    You cannot have more than one LDAPS connection at any one time, due to
    restrictions in the underlying Net::SSLeay code.
Can anyone shed any light on what this restriction might be that's imposed
by Net::SSLeay? I've been digging around but don't really understand what
that module's doing.
Due to the large number of on-demand connections made from the mod-perl
application to the directory server, I've wrapped the Net::LDAPS object
inside a Class::Singleton, which appears to work ok in testing but I'm
wondering if I'm missing something that might present a problem later. I'm
hoping that a singleton object within each mod-perl process will be
sufficient to work around the Net::LDAPS issue.
In case it matters: the mod-perl application treats the directory service
as a read-only medium (only searches, no updates).
Thoughts anyone?
Cheers,
- Brendon.
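
One way to write the per-process singleton described in the message above, with certificate verification and an authenticated bind. This is an added example, not code from the original post or from the Net::LDAPS distribution. The package name My::Directory, the host, DNs, CA file path and the LDAP_BIND_PW environment variable are constructed placeholders, and it assumes instance() is first called inside a request handler, after Apache has forked its children.

```perl
package My::Directory;    # hypothetical package name
use strict;
use warnings;
use base 'Class::Singleton';
use Net::LDAPS;

# Constructed placeholder settings; replace with the real directory details.
my %CFG = (
    host    => 'ldap.example.org',
    port    => 636,
    cafile  => '/etc/ssl/certs/directory-ca.pem',
    bind_dn => 'uid=webapp,ou=services,dc=example,dc=org',
    bind_pw => $ENV{LDAP_BIND_PW},    # keep the secret out of the source tree
);

# Class::Singleton calls this once per process, on the first instance() call.
# Assumption: that first call happens in a request handler, not in startup.pl,
# so no TLS session is created in the parent and inherited by children.
sub _new_instance {
    my ($class) = @_;
    return bless { ldap => undef }, $class;
}

# Return the cached bound handle, connecting and binding on first use.
sub ldap {
    my ($self) = @_;
    return $self->{ldap} if $self->{ldap};
    my $ldap = Net::LDAPS->new(
        $CFG{host},
        port   => $CFG{port},
        verify => 'require',          # reject a server certificate that fails validation
        cafile => $CFG{cafile},
    ) or die "LDAPS connect failed: $@";
    my $mesg = $ldap->bind($CFG{bind_dn}, password => $CFG{bind_pw});
    die 'LDAP bind failed: ' . $mesg->error if $mesg->code;
    return $self->{ldap} = $ldap;
}

# Read-only search. Any non-zero result code drops the cached handle, so the
# next call reconnects instead of reusing a connection that may be dead.
sub search {
    my ($self, %args) = @_;
    my $mesg = $self->ldap->search(%args);
    if ($mesg->code) {
        $self->{ldap} = undef;
        die 'LDAP search failed: ' . $mesg->error;
    }
    return $mesg->entries;
}

1;
# Usage: my @entries = My::Directory->instance->search(base => $base, filter => $filter);
```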