directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Enrique Rodriguez" <enriqu...@gmail.com>
Subject Re: [ApacheDS] Questions about the server.xml file of Apache DS 1.5.1 ?
Date Fri, 16 Nov 2007 21:12:43 GMT
On Nov 16, 2007 1:44 AM, Pierre-Arnaud Marcelot <pa@marcelot.net> wrote:
>  ...
> Earlier in the file we can see this property in the environment bean:
> > <prop key=" java.naming.security.authentication">simple</prop>
> >
>
> Can this "java.naming.security.authentication" property be set to something
> else than 'simple' ? If yes, I suppose the value has to chosen between one
> of the supported mechanisms right ?

The property is for internal binding, so it is set to simple and I
don't believe any other value has an effect, since SASL binds only
take place via the LDAP (wire) protocol.  This is mostly a side-effect
from using JNDI as the internal interface, since it doesn't really
make sense to have SASL ("strong") bind types internal to the server.
The list of SASL supported mechanisms is what you want to "turn on" to
allow clients to use with the LDAP (wire) protocol.

So, this property is unrelated to our SASL support.  For a developer
using Sun's JNDI client, you would be able to use this property in
client-side code to choose the simple or SASL mechanism you want to
use.  You can see this in action in the SASL bind and SASL GSSAPI
tests in 'server-unit'.

The other guys can comment more but I think this property is going
away with the removal of JNDI in 'bigbang'.

Enrique

Mime
View raw message