directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: SASL DIGEST-MD5 Authentication
Date Sat, 16 Aug 2014 05:31:04 GMT
On Sat, Aug 16, 2014 at 2:30 AM, Ike Ikonne <iikonne@us.ibm.com> wrote:

> Hi Kiran,
>
> Thanks, the example that you sent made a huge difference; I have now
> managed to
> get DIGEST-MD5 to work.  One of the problem is that I needed to restart
> APACHE DS
> for all the configurations to take effect, that is my observation.
>
> Again, thank you for the wonderful example, it made a difference; now,
> would CRAM-MD5
> follow the same pattern?
>
> yes

> Thanks,
>
> Ike
>
>
>
> From:   Kiran Ayyagari <kayyagari@apache.org>
> To:     "users@directory.apache.org" <users@directory.apache.org>,
> Date:   08/15/2014 02:11 PM
> Subject:        Re: SASL DIGEST-MD5 Authentication
>
>
>
> I have successfully tested DIGEST-MD5(SASL) using Studio
>
> Here is my server configuration http://pastebin.com/b0tsyVGK
> I have added the below entry in my /etc/hosts file
>    127.0.0.1     example.com
>
>  I have added a user entry with DN uid=kirana,ou=system
>
>  The Studio connection network tab looks like this
> http://i.imgur.com/qfg2Aii.png
>  and the Authentication tab like this http://i.imgur.com/eUFu3Gq.png
>
> HTH
>
>
> On Thu, Aug 14, 2014 at 6:10 AM, Ike Ikonne <iikonne@us.ibm.com> wrote:
>
> > Hi all,
> >
> > Anyone has any more suggestions on how I can get DIGEST-MD5 SASL
> > to work for me?  I haven't had any luck yet and I have tried all the
> > suggestions
> > from the group and I do thank you all for that, I  still have a need to
> > get that authentication mechanism to work in my environment.
> >
> > Thanks,
> >
> > Ike
> >
> >
> >
> >
> > From:   Kiran Ayyagari <kayyagari@apache.org>
> > To:     "users@directory.apache.org" <users@directory.apache.org>,
> > Date:   08/07/2014 12:08 AM
> > Subject:        Re: SASL DIGEST-MD5 Authentication
> >
> >
> >
> > On Thu, Aug 7, 2014 at 4:10 AM, Ike Ikonne <iikonne@us.ibm.com> wrote:
> >
> > > Hi,
> > >
> > > I use JNDI API  on JRE 1.7  to establish connection to APACHE DS.
> > > I am able to establish SIMPLE authentication to APACHE DS, I am
> > > just trying to get DIGEST-MD5 to work.  Here are my enironment:
> > >
> > >          Hashtable env = new Hashtable();
> > >         env.put(Context.INITIAL_CONTEXT_FACTORY, ldapCtxFactory);
> > >
> > >         if (authMethod != null)
> > >             env.put(Context.SECURITY_AUTHENTICATION, authMethod);
> > >         if (principal != null)
> > >             env.put(Context.SECURITY_PRINCIPAL, principal);
> > >         if (credentials != null)
> > >             env.put(Context.SECURITY_CREDENTIALS, credentials);
> > >         if (referral != null)
> > >             env.put(Context.REFERRAL, referral);
> > >         if (ldapVer != null)
> > >             env.put("java.naming.ldap.version", ldapVer);
> > >        env.put("java.naming.security.sasl.realm", "example.com");
> > >
> > > Tell me, do I need to configure the example.com realm or is it
> > > configured as a default by APACHE DS?
> > >
> > your must be able to resolve your realm name (here example.com), either
> > add an entry in your hosts file or in your internal DNS server
> >
> > >
> > > Thanks,
> > >
> > > Ike
> > >
> > >
> > >
> > >
> > > From:   Emmanuel Lécharny <elecharny@gmail.com>
> > > To:     users@directory.apache.org,
> > > Date:   08/06/2014 04:28 PM
> > > Subject:        Re: SASL DIGEST-MD5 Authentication
> > >
> > >
> > >
> > > Le 06/08/14 22:40, Ike Ikonne a écrit :
> > > > Hi all,
> > > >
> > > > Again, thanks all for your response;  so, do I need to make any
> > > > external configuration other than the configuration to the APACHE
> DS?
> > > > How do I change the default realm to point to my domain realm?
> > > > Do I need to install/setup cyrus-sasl library to make this to work?
> > >
> > > No. We depends on the JVM which supports SASL.
> > >
> > > What client are you using ?
> > >
> > >
> > >
> >
> >
> > --
> > Kiran Ayyagari
> > http://keydap.com
> >
> >
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>
>


-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message