directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralf Hauser (JIRA)" <>
Subject [jira] Created: (DIRSERVER-641) provide a security context to
Date Sun, 11 Jun 2006 13:41:29 GMT
provide a security context to

         Key: DIRSERVER-641
     Project: Directory ApacheDS
        Type: New Feature

  Components: core  
    Versions: 1.0-RC3    
 Environment: windows and linux
    Reporter: Ralf Hauser

The ldap application we are working on has high security requirements, both in terms of "fine-grained"-policies
we need to be able to implement as well as for the audit trail we must be able to provide.

For that, we should be able to distinguish/ensure/record in our authenticate() method
- whether the bind request was received unprotected or protected
- if with SSL protected, what session key was negotiated (if with 256+bit AES, client is entitled
to see more than with 128 bit, let alone 40). 
These give our application strong hints whether we must consider a credential (passwords in
particular) compromised or not.

I assume this would either imply adding 1-2 more parameters to the method interface of
or extending the ServerContext object correspondingly.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

View raw message