directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From directory-...@incubator.apache.org
Subject [Apache Directory Project Wiki] Updated: EveGeneral
Date Tue, 07 Dec 2004 02:53:21 GMT
   Date: 2004-12-06T18:53:21
   Editor: AlexKarasulu <akarasulu@apache.org>
   Wiki: Apache Directory Project Wiki
   Page: EveGeneral
   URL: http://wiki.apache.org/directory/EveGeneral

   no comment

Change Log:

------------------------------------------------------------------------------
@@ -4,15 +4,14 @@
 
 == Out-of-the-box Authentication ==
 
-* Eve's super-user (uid=admin,ou=system) is created on the first start and has its userPassword
field set to "secret".
+ * Eve's super-user (uid=admin,ou=system) account is created on the first start and has its
userPassword field set to "secret".  It's created when the system partition is created.  From
here on its up to the administrator to change this password.  No other user besides admin
has access to the superuser's entry.
 
-* Another test user uid=akarasulu,ou=users,ou=system is created on first startup and has
password "test".
-
-* Any user entry that has the userPassword attribute set can be authenticated.  The user
need not be under ou=users, ou=system.
-
-* There are advantages to creating users under ou=users, ou=system.  First the user is available
regardless of the context partitions that are created.  The user also is protected by some
hardcoded authorization rules within the system.  Namely only self read is possible for all
users on their own accounts.  Users cannot see the credentials of others minus the super-user
of course.  This is an intermediate hardcoded authorization rule set until the authorization
subsystem matures.
+ * Another test user account uid=akarasulu,ou=users,ou=system is created on first startup
and has password "test".  Use it to play. 
 
+ * Any user entry that has the userPassword attribute set can be authenticated.  The user
need not be under ou=users, ou=system.
 
+ * There are advantages to creating users under ou=users, ou=system.  First the user is available
regardless of the context partitions that are created.  The user also is protected by some
hardcoded authorization rules within the system.  Namely only self read is possible for all
users on their own accounts.  Users cannot see the credentials of others minus the super-user
of course.  This is an intermediate hardcoded authorization rule set until the authorization
subsystem matures.
 
+ * By default, anonymous binds are allowed both via JNDI interfaces and via LDAP based network
clients.  So the server will start and work without any initial configuration.  The presence
of the ""eve.disable.anonymous"" property key disables anonymous user access on both interfaces
(JNDI and LDAP).
 
 

Mime
View raw message