[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Must a simple bind with DN and no pwd be treated as anonymous?

To: <Sam.Johnson@FernUni-Hagen.de>, <openldap-general@OpenLDAP.org>
Subject: Re: Must a simple bind with DN and no pwd be treated as anonymous?
From: "Mark Wilcox" <mark@mjwilcox.com>
Date: Thu, 26 Aug 1999 21:45:27 -0500

If you think about it, what other option would you have.

Otherwise it would be really easy to hack the LDAP server (which is what
LDAP bind is for, the fact that we can also use this as an authentication
device for other applications is just a happy coincidence, not design ;).

If I didn't have to specify a password to authenticate as a specific user,
why would I bother to ever use a password?


Mark

-----Original Message-----
From: Sam Johnson <Sam.Johnson@FernUni-Hagen.de>
To: openldap-general@OpenLDAP.org <openldap-general@OpenLDAP.org>
Date: Thursday, August 26, 1999 7:34 AM
Subject: Must a simple bind with DN and no pwd be treated as anonymous?


>While trying to implement a PAM-module for Solaris I have discovered
>that the Sun Directory Server aka LDAP server treats a simple bind with
>DN and a null (missing) password as an anonymous bind.  The documentation
>for the Netscape Directory SDK API also documents this behaviour.  So,
>do the RFC's suggest or require this, or is the matter still open to
>discussion and complaint (and modification)?
>
>Thanks for reading this.
>
>Sam Johnson Sam.Johnson@FernUni-Hagen.de
>---------------------------------------------------------------------------
---
>FernUniversitaet Phone: +49-2331-987-2874,-2799
>58084 Hagen, Germany Fax:   +49-2331-987-2720
>
>

Prev by Date: Re: Must a simple bind with DN and no pwd be treated as anonymous?
Next by Date: Re: ldap and tacacs
Index(es):
- Chronological
- Thread