You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@directory.apache.org by el...@apache.org on 2013/04/08 01:46:21 UTC

svn commit: r1465515 - /directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext

Author: elecharny
Date: Sun Apr  7 23:46:20 2013
New Revision: 1465515

URL: http://svn.apache.org/r1465515
Log:
Updated some SASL pages

Modified:
    directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext

Modified: directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext?rev=1465515&r1=1465514&r2=1465515&view=diff
==============================================================================
--- directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext (original)
+++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext Sun Apr  7 23:46:20 2013
@@ -49,9 +49,18 @@ As **ApacheDS** is based on Java, we onl
     * DIGEST-MD5 : Http Digest authentication
     * GSSAPI : Kerberos authentication
     * EXTERNAL : External authentication
+    * NTLM : NTLM authentication
+    * GSS-SPNEGO : The SPNEGO authentication
 
 It's important to notice that some of those mechanisms are either useless (PLAIN) or obsolete (DIGEST-MD5).
 
+It's of course possible to modify the list of supported **SASL** mechanisms, by updating the server's configuration. The list of mechanisms is stored as entries under the following **DN** :
+
+    :::Text
+    ou=saslMechHandlers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
+
+## Specifications
+
 The SASL specifications are defined by an [IETF Working Group](http://datatracker.ietf.org/wg/sasl/) which has published the following proposed standards :
 
     * [RFC 4013](http://www.ietf.org/rfc/rfc4013.txt) : SASLprep: Stringprep Profile for User Names and Passwords