Author: buildbot Date: Wed Apr 3 14:22:48 2013 New Revision: 857125 Log: Staging update by buildbot for directory Added: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html Modified: websites/staging/directory/trunk/content/ (props changed) websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.html Propchange: websites/staging/directory/trunk/content/ ------------------------------------------------------------------------------ --- cms:source-revision (original) +++ cms:source-revision Wed Apr 3 14:22:48 2013 @@ -1 +1 @@ -1464033 +1464038 Modified: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.html (original) +++ websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.2-name-password-authn.html Wed Apr 3 14:22:48 2013 @@ -278,7 +278,7 @@ return false

- A few rule of thumb :
+ A few rules of thumb :
o Never store a password as plain text.
o Prefer salted methods over non salted ones, and prefer the strongest one (here, SSHA-512 on Studio 2.0, or SSHA)
o crypt is also a good choice
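Review bot: the unchanged context line "crypt is also a good choice" at the end of this list needs qualifying while the list is being touched. Traditional DES-based crypt uses only the first 8 characters of the password and a 12-bit salt, which sits badly with the preceding item's advice to prefer the strongest salted method; name the crypt variant that is meant, or drop the item. Style point on the corrected line: it still carries a space before the colon ("rules of thumb :").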
Added: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html (added) +++ websites/staging/directory/trunk/content/apacheds/advanced-ug/4.1.1.3-unauthenticated-authn.html Wed Apr 3 14:22:48 2013 @@ -0,0 +1,176 @@ + + + + + 4.1.1.3 Unauthenticated Authentication — Apache Directory + + + + + + + + + + + + +
+ +
+
+ + + +
+
+ + + + + +

4.1.1.3 - Unauthenticated Authentication

+

The Unauthenticated Authentication mechanism is a bit specific. First of all, none all the LDAP servers support such a mechanism. In fact, the default behavior is for server to return a unwillingToPerform result code when someone tries to bind using a null password.

+

We won't go any deeper into this 'feature', those interested in the rational behind it and the associated drawbacks can read the following links :

+

RFC 4513, Unauthenticated Authentication Mechanism of Simple Bind +and + RFC 4513, Unauthenticated Mechanism Security Considerations

+ + + + + +
+
+
+ +
+ + \ No newline at end of file
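Review bot: the first paragraph of the new page says a bind with a null password gets unwillingToPerform by default, but the page never defines an unauthenticated bind or states the risk, and then closes with "We won't go any deeper". Add one or two sentences before the links. In RFC 4513 this is a simple bind with a non-empty name and a zero-length password, and a successful result leaves the session in an anonymous authorization state. An application that treats bind success as proof that the password was checked will therefore accept an empty password unless it rejects empty passwords itself. Also say explicitly whether "the default behavior" refers to ApacheDS or to LDAP servers in general, and whether it can be changed. Wording in the same paragraphs: "none all the LDAP servers" should read "not all LDAP servers", "for server to return a unwillingToPerform" should read "for the server to return an unwillingToPerform", and "rational" should be "rationale". The file also ends without a trailing newline.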