directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <christian.hueb...@lhsystems.com>
Subject AW: WG: [server] writing my own authenticator
Date Thu, 16 Jun 2005 08:07:18 GMT
Hi,

What I'm trying to implemnt, is too get several attributes only passed to known hosts. At
the next step, I'd like to pass some attributes only to the client if he uses a secure connection.

So I could use the clients hostname or IP and if he is using a secure protocol like SSL or
not.

I've learned, that the in big companies logins and passwords to systems spread like fire (i.e.
when programmers begin another project), but in a well secured network it is not quite as
easy to use the IP of another server. Or at least, when i have an IP I cant track down, who
accesses my systems.

IMHO to these reasons a principal and credentials is not enough too authenticate somebody.

>So we're good if the protocol provider stuff's this extra information 
>into the environment of the context.  We can make the changes but how 
>should we manage the keys?
>What do you want in there?  Would you like to make the changes yourself 
>and see if it works?

I think in BindRequest ProtocolSession.getTransportType() and ProtocolSession.getRemoteAdress
should be stored in the context. When you have no time to do this, perhaps I could do this
tomorrow from home, because my svn plugin cannot use a proxy. But to be honest, I'd never
checked some source in or changed one of your projects, so I'm a little nervous about that.
;-)

Greetings
Christian

Mime
View raw message