[Date Prev][Date Next] [Chronological] [Thread] [Top]

Question "Authentification"



Hi,


I would know :

	When an user wants authenticate to a LDAP base,
		--> the server connects (bind) to the database as
anonymous
		
		--> search in the database if the user exists and if the
user can read or write the attibute userPassword

		--> so the server connects (bind) to the database as
user


I have supposed this working through this ACL :

>access to attr=userPassword
>        by      dn.exact="cn=AdminContacts,ou=Contacts,dc=e-qual,dc=fr"
write
>        by      anonymous       auth
>        by      self            write
>        by      *               none

>access to dn.subtree="ou=Contacts,dc=e-qual,dc=fr"
>        by      dn.exact="cn=AdminContacts,ou=Contacts,dc=e-qual,dc=fr"
write
>        by      *               none

># access par default
>access to *
>        by self write
>        by users read
>        by anonymous read


If I'm wrong, could you explain me how works precisely the
authentification ?


Thanks

Philippe