[Date Prev][Date Next] [Chronological] [Thread] [Top]

Once again.. Access Control Lists

To: <openldap-software@OpenLDAP.org>
Subject: Once again.. Access Control Lists
From: "Timothy J. Arnold" <tim@ngfl.gov.uk>
Date: Fri, 1 Mar 2002 12:17:25 -0000
Importance: Normal

Hi Everyone.

Once again I would like to ask an Access Control Lists question.

We are developing a User login system with Java (JSP). I am interested
in how the bind works.

The current ACL is: 

access to attr=userPassword
       by self write
       by anonymous auth
       by dn="ou=portal,ou=ngfl,o=becta.org.uk" write
       by * none

access to *
        by self write
        by dn="ou=portal,ou=ngfl,o=becta.org.uk" write
        by * none

When the user types in the wrong password. It still allows the user to
bind (but not allow to get attributes). Is this how OpenLDAP works?

Cheers,

Tim.

Timothy J. Arnold
Systems Support Officer

BECTa.
Milburn Hill Road, Science Park
Coventry, West Midlands
CV4 7JJ, United Kingdom
Tel: +44 (0) 24 7641 6994
Fax: +44 (0) 24 7641 1418
Direct: +44 (0) 24 7684 7193
Mobile: +44 (0) 7855 862530
E-mail: tim@ngfl.gov.uk
E-mail: helpdesk@ngfl.gov.uk 
Web: www.ngfl.gov.uk
Web: www.becta.org.uk

Prev by Date: Ldap Stuff
Next by Date: Re: Ldap stuff
Index(es):
- Chronological
- Thread