
OpenLDAP, SSL and client authentication


I'm a new user of OpenLDAP and I'm trying to configure OpenLDAP
with client authentication.
I think I have done the correct steps in order to configure OpenLDAP
with SSL using only server authentication. I have read that the
change needed in order to support client authentication is to change the
value of TLSVerifyClient. But my problem is the following:
I would like to configure my directory with some public attributes and
some private attributes for each user. I would like everybody to be
able to read the public attributes, and I would like the private
attributes to be readable only by the owning user. I would like to allow
the user to read the private attributes when he is authenticated with
client authentication over SSL. The problem is that, besides the client
authentication, it asks me for the password, and I wouldn't like to
enter a password because with client authentication I can be
sure the client is the correct user in order to access the private data.

How can I solve my problem? Can you guide me, please?