directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel L├ęcharny <>
Subject Re: svn commit: r1144962 - /directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/
Date Tue, 12 Jul 2011 08:09:16 GMT
On 7/12/11 10:00 AM, Alex Karasulu wrote:
> On Tue, Jul 12, 2011 at 10:30 AM, Emmanuel Lecharny<>  wrote:
>> LDAP specify that you can do operation without being bound, and in this
>> case, the session will be anonymous. Defaulting to anonymous is then pretty
>> natural. Now, you may have something different in mind, can you elaborate ?
>> (Of course, the server might reject such operations done on a anonymous
>> session, and I can see that as a major issue if we default to anonymous)
> You're right we should either go anonymous or take the approach below
> which IMO is better. See below...
>>> We should require a bind to set the exact session.
>> That's an option : if the server reject anonymous operations, then
>> obviously, the user *must* bind. I would say that it *should* be the default
>> mode...
> So you're saying allow anonymous then if there is a failure then allow
> user to bind? Or by default force the user to bind?
I would say it's up to the user : the server may or may not allow 
anonymous operation (it's a configuration thing), but usually, it's 
probably a good idea for users to bind (using their credentials). So, 
yes, force them to bind should not harm...

Emmanuel L├ęcharny

View raw message