[Date Prev][Date Next]
Re: Slave/Replica server authentication/authorization question
--On Thursday, February 26, 2004 9:47 AM -0600 "Aaron M. Hirsch"
-----BEGIN PGP SIGNED MESSAGE-----
~From my understanding the following rules should allow for users to
authenticate as themselves or anonymously:
access to attrs=userPassword
~ by self write
~ by anonymous auth
and the following allows anonymous queries of the database:
access to *
~ by * read
I think you misunderstand what "auth" means. I think you need "compare"
for your anonymous line at a minimum, otherwise there is no access to the
userpassword entry that the incoming connection can use to determine if the
password supplied is correct or not.
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html