[Date Prev][Date Next]
Re: Why can I bind twice w & w/o a password?
Thomas Gagné wrote:
I created a user, cn=Thomas Gagne,dc=home,dc=lan, and gave him a
password of "homelife". I can successfully bind with and without a
password. I was looking at the output from ethereal and the responses
to successive bind requests (both with and without passwords) are
success! Why would that be?
Why is that?
Non-authenticated users *must* be able to bind so that they can
authenticate themselves. If non-authenticated users can't bind,
you get a chicken and egg situation which effectively renders
your ldap useless.