You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@directory.apache.org by "walter@summonte.com" <wa...@summonte.com> on 2009/03/11 17:39:35 UTC

Anonymous Access & Basic authorization

Hi, 

I've made my Partition
(http://directory.apache.org/apacheds/1.5/144-adding-your-own-partition-resp-suffix.html)
& I've enabled basic
authorization(http://directory.apache.org/apacheds/1.5/32-basic-authorization.html)
but when try to access as Anonymous "i get in" BUT get the
following ERROR:

Error while opening connection
[LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed
for     SearchRequest
        baseDn : '2.5.4.3=schema'
        filter : '(objectClass=subschema)'
        scope : base object
        typesOnly : false
        Size Limit : no limit
        Time Limit : no limit
        Deref Aliases : deref Always
        attributes : 'createtimestamp', 'modifytimestamp'
: null]
  [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed
for     SearchRequest
        baseDn : '2.5.4.3=schema'
        filter : '(objectClass=subschema)'
        scope : base object
        typesOnly : false
        Size Limit : no limit
        Time Limit : no limit
        Deref Aliases : deref Always
        attributes : 'createtimestamp', 'modifytimestamp'
: null]


How to get a clear Anonymous access?

Thanks Mutch

Walter Summonte

Re: Anonymous Access & Basic authorization

Posted by Alex Karasulu <ak...@gmail.com>.

You're right on Yiannis.  Thanks for participating on our users list.

Alex

On Wed, Mar 11, 2009 at 1:57 PM, Yiannis Mavroukakis <
imavroukakis@gameaccount.com> wrote:

> Hi Walter
>
>
> walter@summonte.com wrote:
>
>> Hi,
>> I've made my Partition
>> (
>> http://directory.apache.org/apacheds/1.5/144-adding-your-own-partition-resp-suffix.html
>> )
>> & I've enabled basic
>> authorization(
>> http://directory.apache.org/apacheds/1.5/32-basic-authorization.html)
>> but when try to access as Anonymous "i get in" BUT get the
>> following ERROR:
>>
>> Error while opening connection
>> [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed
>> for     SearchRequest
>>        baseDn : '2.5.4.3=schema'
>>        filter : '(objectClass=subschema)'
>>        scope : base object
>>        typesOnly : false
>>        Size Limit : no limit
>>        Time Limit : no limit
>>        Deref Aliases : deref Always
>>        attributes : 'createtimestamp', 'modifytimestamp'
>> : null]
>>  [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed
>> for     SearchRequest
>>        baseDn : '2.5.4.3=schema'
>>        filter : '(objectClass=subschema)'
>>        scope : base object
>>        typesOnly : false
>>        Size Limit : no limit
>>        Time Limit : no limit
>>        Deref Aliases : deref Always
>>        attributes : 'createtimestamp', 'modifytimestamp'
>> : null]
>>
>>
>>
>>
> Not 100% sure on this, but if I am reading this correctly this is a search
> request with schema as the baseDn and if memory serves me right , an Anon
> account  does not have access to the schema..Could be massively wrong though
> :-)
>
>
>

Re: Anonymous Access & Basic authorization

Posted by Yiannis Mavroukakis <im...@gameaccount.com>.

Hi Walter

walter@summonte.com wrote:
> Hi, 
>
> I've made my Partition
> (http://directory.apache.org/apacheds/1.5/144-adding-your-own-partition-resp-suffix.html)
> & I've enabled basic
> authorization(http://directory.apache.org/apacheds/1.5/32-basic-authorization.html)
> but when try to access as Anonymous "i get in" BUT get the
> following ERROR:
>
> Error while opening connection
> [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed
> for     SearchRequest
>         baseDn : '2.5.4.3=schema'
>         filter : '(objectClass=subschema)'
>         scope : base object
>         typesOnly : false
>         Size Limit : no limit
>         Time Limit : no limit
>         Deref Aliases : deref Always
>         attributes : 'createtimestamp', 'modifytimestamp'
> : null]
>   [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed
> for     SearchRequest
>         baseDn : '2.5.4.3=schema'
>         filter : '(objectClass=subschema)'
>         scope : base object
>         typesOnly : false
>         Size Limit : no limit
>         Time Limit : no limit
>         Deref Aliases : deref Always
>         attributes : 'createtimestamp', 'modifytimestamp'
> : null]
>
>
>   
Not 100% sure on this, but if I am reading this correctly this is a 
search request with schema as the baseDn and if memory serves me right , 
an Anon account  does not have access to the schema..Could be massively 
wrong though :-)