infra-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tony Stevenson (Commented) (JIRA)" <>
Subject [jira] [Commented] (INFRA-4639) Allow anonymous access to the asf-icla-publicname property in LDAP
Date Mon, 02 Apr 2012 22:23:32 GMT


Tony Stevenson commented on INFRA-4639:

## Make a user icla-publicname writable by 'self' and readable by 
## any authenticated user. 
access to dn.subtree="ou=people,dc=apache,dc=org"
   by self write
   by * read
   by anonymous auth

This means that any logged in user, that is configured for LDAP (i.e. can
access this record.
We dont have true anonymous access to any data, they are often forced to auth at a minimum,
some are explicitly denied see the ACL here -

> Allow anonymous access to the asf-icla-publicname property in LDAP
> ------------------------------------------------------------------
>                 Key: INFRA-4639
>                 URL:
>             Project: Infrastructure
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: LDAP
>            Reporter: Jukka Zitting
>            Priority: Minor
> In order to complete INFRA-4638 it would be helpful if the asf-icla-publicname property
in our LDAP directory was readable by anonymous clients. Currently that's not the case even
though the contents of the property are publicly visible at

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message