From commits-return-36321-apmail-directory-commits-archive=directory.apache.org@directory.apache.org Wed Apr 3 14:23:11 2013 Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 32179FB37 for ; Wed, 3 Apr 2013 14:23:11 +0000 (UTC) Received: (qmail 20246 invoked by uid 500); 3 Apr 2013 14:23:10 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 20209 invoked by uid 500); 3 Apr 2013 14:23:10 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 20201 invoked by uid 99); 3 Apr 2013 14:23:10 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Apr 2013 14:23:10 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Apr 2013 14:23:08 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id BED0E2388A39 for ; Wed, 3 Apr 2013 14:22:48 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r857125 - in /websites/staging/directory/trunk/content: ./ apacheds/advanced-ug/4.1.1.2-name-password-authn.html apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html Date: Wed, 03 Apr 2013 14:22:48 -0000 To: commits@directory.apache.org From: buildbot@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130403142248.BED0E2388A39@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: buildbot Date: Wed Apr 3 14:22:48 2013 New Revision: 857125 Log: Staging update by buildbot for directory Added: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html Modified: websites/staging/directory/trunk/content/ (props changed) websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.html Propchange: websites/staging/directory/trunk/content/ ------------------------------------------------------------------------------ --- cms:source-revision (original) +++ cms:source-revision Wed Apr 3 14:22:48 2013 @@ -1 +1 @@ -1464033 +1464038 Modified: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.html (original) +++ websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.html Wed Apr 3 14:22:48 2013 @@ -278,7 +278,7 @@ return false

- A few rule of thumb :
+ A few rules of thumb :
o Never store a password as plain text.
o Prefer salted methods over non salted ones, and prefer the strongest one (here, SSHA-512 on Studio 2.0, or SSHA)
o crypt is also a good choice
Added: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html (added) +++ websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html Wed Apr 3 14:22:48 2013 @@ -0,0 +1,176 @@ + + + + + 4.1.1.3 Unauthenticated Authentication — Apache Directory + + + + + + + + + + + + +
+ +
+
+ + + +
+
+ + + + + +

4.1.1.3 - Unauthenticated Authentication

+

The Unauthenticated Authentication mechanism is a bit specific. First of all, none all the LDAP servers support such a mechanism. In fact, the default behavior is for server to return a unwillingToPerform result code when someone tries to bind using a null password.

+

We won't go any deeper into this 'feature', those interested in the rational behind it and the associated drawbacks can read the following links :

+

RFC 4513, Unauthenticated Authentication Mechanism of Simple Bind +and + RFC 4513, Unauthenticated Mechanism Security Considerations

+ + + + + +
+
+
+ +
+ + \ No newline at end of file