directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enrique Rodriguez" <>
Subject [SASL] Authentication Level = Strong
Date Sun, 08 Apr 2007 03:18:28 GMT
Hi, Directory developers,

I committed 'strong' X.501 authenticationLevel support to the SASL
branch.  So, if you Bind with any of the SASL mechanisms (CRAM-MD5,
DIGEST-MD5, GSSAPI), your user principal for acquiring LdapContexts
now has the authenticationLevel set to 'strong'.

I mention this because I'm not sure how to *really* test it.  All the
current tests pass.  I'm not yet familiar with the ACI subsystem, so
any pointers to tests that could be used as a starting point to test
access based on authentication level would be appreciated.
Alternatively, those of you more familiar with ACI can now work on
tests that take advantage of this new capability.

Also, besides access control, is there anywhere else the
authentication level matters?


View raw message