You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Kiran Ayyagari (JIRA)" <ji...@apache.org> on 2014/02/22 16:56:19 UTC
[jira] [Commented] (DIRSERVER-1817) The PLAIN SASL bind does expect
a DN in the authcid field. We should allow the definition of an AT
[ https://issues.apache.org/jira/browse/DIRSERVER-1817?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13909415#comment-13909415 ]
Kiran Ayyagari commented on DIRSERVER-1817:
-------------------------------------------
We already allow the said feature to accept DN or a simple name.
But currently the attribute name is not configurable, it is treated as "uid" always.
> The PLAIN SASL bind does expect a DN in the authcid field. We should allow the definition of an AT
> --------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1817
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1817
> Project: Directory ApacheDS
> Issue Type: Improvement
> Affects Versions: 2.0.0-M15
> Reporter: Emmanuel Lecharny
> Priority: Minor
> Fix For: 2.1.1
>
>
> Right now, we are expecting the user to provide a full DN in the authcid part of the SASL PLAIN bind. It would be very convenient to allow the user to provide a simple name, and to configure the server to look at a specific AT to fetch the entry.
> For instance, we can decide that the uid Attribute is the one to look for when searching the authcid. We will then do a search for (uid=<authcid>) and check the userPassword from the found entry.
> Another option : we could ad dn: for DN values, and u: for plain text values (with a default to u:).
> The AttributeType to use should be configurable.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)