directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ike Ikonne <iiko...@us.ibm.com>
Subject Re: SASL DIGEST-MD5 Authentication
Date Fri, 15 Aug 2014 21:00:05 GMT
Hi Kiran,

Thanks, the example that you sent made a huge difference; I have now 
managed to
get DIGEST-MD5 to work.  One of the problem is that I needed to restart 
APACHE DS
for all the configurations to take effect, that is my observation.

Again, thank you for the wonderful example, it made a difference; now, 
would CRAM-MD5
follow the same pattern?

Thanks,

Ike



From:   Kiran Ayyagari <kayyagari@apache.org>
To:     "users@directory.apache.org" <users@directory.apache.org>, 
Date:   08/15/2014 02:11 PM
Subject:        Re: SASL DIGEST-MD5 Authentication



I have successfully tested DIGEST-MD5(SASL) using Studio

Here is my server configuration http://pastebin.com/b0tsyVGK
I have added the below entry in my /etc/hosts file
   127.0.0.1     example.com

 I have added a user entry with DN uid=kirana,ou=system

 The Studio connection network tab looks like this
http://i.imgur.com/qfg2Aii.png
 and the Authentication tab like this http://i.imgur.com/eUFu3Gq.png

HTH


On Thu, Aug 14, 2014 at 6:10 AM, Ike Ikonne <iikonne@us.ibm.com> wrote:

> Hi all,
>
> Anyone has any more suggestions on how I can get DIGEST-MD5 SASL
> to work for me?  I haven't had any luck yet and I have tried all the
> suggestions
> from the group and I do thank you all for that, I  still have a need to
> get that authentication mechanism to work in my environment.
>
> Thanks,
>
> Ike
>
>
>
>
> From:   Kiran Ayyagari <kayyagari@apache.org>
> To:     "users@directory.apache.org" <users@directory.apache.org>,
> Date:   08/07/2014 12:08 AM
> Subject:        Re: SASL DIGEST-MD5 Authentication
>
>
>
> On Thu, Aug 7, 2014 at 4:10 AM, Ike Ikonne <iikonne@us.ibm.com> wrote:
>
> > Hi,
> >
> > I use JNDI API  on JRE 1.7  to establish connection to APACHE DS.
> > I am able to establish SIMPLE authentication to APACHE DS, I am
> > just trying to get DIGEST-MD5 to work.  Here are my enironment:
> >
> >          Hashtable env = new Hashtable();
> >         env.put(Context.INITIAL_CONTEXT_FACTORY, ldapCtxFactory);
> >
> >         if (authMethod != null)
> >             env.put(Context.SECURITY_AUTHENTICATION, authMethod);
> >         if (principal != null)
> >             env.put(Context.SECURITY_PRINCIPAL, principal);
> >         if (credentials != null)
> >             env.put(Context.SECURITY_CREDENTIALS, credentials);
> >         if (referral != null)
> >             env.put(Context.REFERRAL, referral);
> >         if (ldapVer != null)
> >             env.put("java.naming.ldap.version", ldapVer);
> >        env.put("java.naming.security.sasl.realm", "example.com");
> >
> > Tell me, do I need to configure the example.com realm or is it
> > configured as a default by APACHE DS?
> >
> your must be able to resolve your realm name (here example.com), either
> add an entry in your hosts file or in your internal DNS server
>
> >
> > Thanks,
> >
> > Ike
> >
> >
> >
> >
> > From:   Emmanuel Lécharny <elecharny@gmail.com>
> > To:     users@directory.apache.org,
> > Date:   08/06/2014 04:28 PM
> > Subject:        Re: SASL DIGEST-MD5 Authentication
> >
> >
> >
> > Le 06/08/14 22:40, Ike Ikonne a écrit :
> > > Hi all,
> > >
> > > Again, thanks all for your response;  so, do I need to make any
> > > external configuration other than the configuration to the APACHE 
DS?
> > > How do I change the default realm to point to my domain realm?
> > > Do I need to install/setup cyrus-sasl library to make this to work?
> >
> > No. We depends on the JVM which supports SASL.
> >
> > What client are you using ?
> >
> >
> >
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>
>


-- 
Kiran Ayyagari
http://keydap.com


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message