directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve hammond (JIRA)" <>
Subject [jira] Commented: (DIRSERVER-1240) After binding using NTLM, cannot query if AllowAnonymousAccess is off
Date Tue, 02 Sep 2008 13:43:44 GMT


Steve hammond commented on DIRSERVER-1240:

Some things we found out this weekend.

When logging in with NTLM, name (as an LdapDN) is not passed in.  This is because it is encrypted
in credentials, and it is possible that the DN for the name does not even exist on the LDAP
server with distributed authentication.

However ApahchDS is assuming that if the name is not present, it must be anonymous.

> After binding using NTLM, cannot query if AllowAnonymousAccess is off
> ---------------------------------------------------------------------
>                 Key: DIRSERVER-1240
>                 URL:
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 1.5.3
>         Environment: Running on Windows under JBOSS
>            Reporter: Steve hammond
> After binding with NTLM, we can do a search and it says "Server has disabled anonymous
> One weird part, after setting AllowAnonymousAccess(false) on directory service, I cannot
even query sasl supported mechanisms.
> When I change that to true, but have apacheds.SetAllowAnonymousAccess(false), I can at
least bind, but I cannot do any queries, getting above error.
> When i allow all anonymous, I can bind with NTLM and do queries, but I think the queries
are being performed as anonymous.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message