directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1464038 - in /directory/site/trunk/content/apacheds/advanced-ug: 4-authentication-and-authorization.mdtext 4.1.1.2-name-password-authn.mdtext 4.1.1.3-unauthenticated-authn.mdtext
Date Wed, 03 Apr 2013 14:22:42 GMT
Author: elecharny
Date: Wed Apr  3 14:22:42 2013
New Revision: 1464038

URL: http://svn.apache.org/r1464038
Log:
Added a page, plus some typoes fixing

Added:
    directory/site/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.mdtext
      - copied, changed from r1463962, directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-unauthenticated-authn.mdtext
Modified:
    directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.mdtext

Modified: directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext?rev=1464038&r1=1464037&r2=1464038&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext
(original)
+++ directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext
Wed Apr  3 14:22:42 2013
@@ -27,10 +27,10 @@ Notice: Licensed to the Apache Software 
 ## Chapter content
 
 * [4.1 - Authentication](4.1-authentication.html)
-      * [4.1.1 - Simple authentication](4.1.1-simple-authn.html)
-          * [4.1.1.1 - Anonymous Authentication](4.1.1.1-anonymous-authn.html)
-          * [4.1.1.2 - Name/Password Authentication](4.1.1.2-name-password-authn.html)
-          * [4.1.1.2 - Unauthenticated Authentication](4.1.1.2-unauthenticated-authn.html)
+     * [4.1.1 - Simple authentication](4.1.1-simple-authn.html)
+        * [4.1.1.1 - Anonymous Authentication](4.1.1.1-anonymous-authn.html)
+        * [4.1.1.2 - Name/Password Authentication](4.1.1.2-name-password-authn.html)
+        * [4.1.1.2 - Unauthenticated Authentication](4.1.1.2-unauthenticated-authn.html)
     * [4.1.2 - SASL authentication](4.1.3-sasl-authn.html)
         * [4.1.2.1 - SASL anonymous Authentication](4.1.2.1-sasl-anonymous-authn.html)
         * [4.1.2.2 - SASL plain text Authentication](4.1.2.2-sasl-plain-text-authn.html)

Modified: directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.mdtext?rev=1464038&r1=1464037&r2=1464038&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.mdtext (original)
+++ directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.mdtext Wed
Apr  3 14:22:42 2013
@@ -141,7 +141,7 @@ Here, one of the **userPassword** value 
     return false
 
 <DIV class="note" markdown="1">
-  A few rule of thumb :<BR/>
+  A few rules of thumb :<BR/>
   o Never store a password as plain text. <BR/>
   o Prefer salted methods over non salted ones, and prefer the strongest one (here, SSHA-512
on Studio 2.0, or SSHA)<BR/>
   o crypt is also a good choice<BR/>

Copied: directory/site/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.mdtext
(from r1463962, directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-unauthenticated-authn.mdtext)
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.mdtext?p2=directory/site/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.mdtext&p1=directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-unauthenticated-authn.mdtext&r1=1463962&r2=1464038&rev=1464038&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/advanced-ug/4.1.1.2-unauthenticated-authn.mdtext
(original)
+++ directory/site/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.mdtext
Wed Apr  3 14:22:42 2013
@@ -0,0 +1,33 @@
+Title: 4.1.1.3 Unauthenticated Authentication
+NavPrev: 4.1.1.2-name-password-authn.html
+NavPrevText: 4.1.1.2 - Name/Password Authentication
+NavUp: 4.1.1-simple-authn.html
+NavUpText: 4.1.1 - Simple authentication
+NavNext: 4.1.3-sasl-authn.html
+NavNextText: 4.1.2 - SASL authentication
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+    .
+    http://www.apache.org/licenses/LICENSE-2.0
+    .
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+# 4.1.1.3 - Unauthenticated Authentication
+
+The **Unauthenticated Authentication** mechanism is a bit specific. First of all, none all
the **LDAP** servers support such a mechanism. In fact, the default behavior is for server
to return a **unwillingToPerform** result code when someone tries to bind using a null password.
+
+We won't go any deeper into this 'feature', those interested in the rational behind it and
the associated drawbacks can read the following links :
+
+  [RFC 4513, Unauthenticated Authentication Mechanism of Simple Bind](http://tools.ietf.org/html/rfc4513#section-5.1.2)
+and
+  [RFC 4513, Unauthenticated Mechanism Security Considerations](http://tools.ietf.org/html/rfc4513#section-6.3.1)
\ No newline at end of file



Mime
View raw message