directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <aok...@bellsouth.net>
Subject Re: auth howto?
Date Sat, 04 Dec 2004 22:22:49 GMT
Mark Swanson wrote:

>Hello,
>
>I see there is an empty Jira issue (64) for auth policies, but I was wondering 
>if there was a quick and dirty paragraph available for authentication and 
>access control config and current status.
>  
>
Yeah its almost nil at this point Mark sorry.  We need to build the 
authorization subsystem.  Right now there are only some hard coded rules 
for protecting passwords and the admin user account. 

For authentication there's very little as well.  We only support simple 
authentication at this point. Enrique might look into SASL/GSSAPI at 
some point.  For the simple authentication here are the guidelines:

For the security principal just make sure you use a DN to an entry that 
has a userPassword field.  Right now the password is not using hashes 
like md5 or crypt.  It's all clear text as a byte[].  We can change this 
and need to soon but not in this release.

You have anything particular in mind or any use cases you need taken 
care of?

Alex

Mime
View raw message