You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2013/04/08 01:46:21 UTC
svn commit: r1465515 -
/directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext
Author: elecharny
Date: Sun Apr 7 23:46:20 2013
New Revision: 1465515
URL: http://svn.apache.org/r1465515
Log:
Updated some SASL pages
Modified:
directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext
Modified: directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext?rev=1465515&r1=1465514&r2=1465515&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext (original)
+++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext Sun Apr 7 23:46:20 2013
@@ -49,9 +49,18 @@ As **ApacheDS** is based on Java, we onl
* DIGEST-MD5 : Http Digest authentication
* GSSAPI : Kerberos authentication
* EXTERNAL : External authentication
+ * NTLM : NTLM authentication
+ * GSS-SPNEGO : The SPNEGO authentication
It's important to notice that some of those mechanisms are either useless (PLAIN) or obsolete (DIGEST-MD5).
+It's of course possible to modify the list of supported **SASL** mechanisms, by updating the server's configuration. The list of mechanisms is stored as entries under the following **DN** :
+
+ :::Text
+ ou=saslMechHandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+
+## Specifications
+
The SASL specifications are defined by an [IETF Working Group](http://datatracker.ietf.org/wg/sasl/) which has published the following proposed standards :
* [RFC 4013](http://www.ietf.org/rfc/rfc4013.txt) : SASLprep: Stringprep Profile for User Names and Passwords