directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enrique Rodriguez" <enriqu...@gmail.com>
Subject Re: [ApacheDS] Internal vs. external lookups
Date Thu, 31 May 2007 05:11:09 GMT
On 5/30/07, Alex Karasulu <akarasulu@apache.org> wrote:
> Enrique, I'm guessing you use "internal" for the value of the
> Context.SECURITY_AUTHENTICATION [0] JNDI parameter.  Is
> this a correct presumption?

Yes.

> This parameter is hence used to set the authentication level right?  I guess
> this is attractive to do since it marks the Context for the life of the
> Context
> and you can differentiate it from LDAP sessions which authenticate on
> InitialContexts using the other authentication levels.  In this case your
> tactic would work but it could be implemented a little better.  There is no
> reason why we should have to do this with the authentication level which
> is really orthogonal to your aim of identifying "who" is attempting the
> authentication.

Actually, I very much care whether the request is internal vs.
external and much much less "who" is attempting the authentication.
The issue with what I want to do is that certain operations must NEVER
be allowed to occur from outside the server.  Basing this upon the
bind principal does not help since a bind principal can be
compromised.  To avoid a security problem when a principal is
compromised, I must prevent certain operations from ever occuring from
outside the server, and thus I must know whether a request is coming
from inside vs. outside the server and not who the bind principal is.

> The SECURITY_PRINCIPAL environment parameter already does this so
> why not just use it.  All we need to do is create some standard principals
> for these services that comes with ApacheDS out of the box, packaged into
> the DIT.  We can easily promote these principals to the point of having
> administrator like powers.  I added some standard groups to ADS to allow
> this.  This by far is the best mechanism I can see.  This property is
> specifically
> there for answering your question.  Also you can extract it from the
> ServerContext.getPrincipal() method which contains the normalized DN of the
> binding principal.

I very specifically care to know when requests are being made internal
vs. external to the server, so SECURITY_PRINCIPAL is not what I want.
The fact that "internal" could be used as an authenticationLevel is a
possible bonus in ACI evaluation, but I'm sorry I brought it up since
it has obviously confused my original question about how to determine
whether a request is coming from inside vs. outside the server.

Enrique

Mime
View raw message