[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP anonymous and encrypted simple authentication

To: openldap-software@OpenLDAP.org
Subject: Re: LDAP anonymous and encrypted simple authentication
From: Vegeta <lord.vegeta@ica.luz.ve>
Date: Tue, 20 Jan 2004 16:22:15 -0400
References: <bujggd$t1e$1@sea.gmane.org> <1074619522.2963.219.camel@localhost>
User-agent: KNode/0.7.2

Tony Earnshaw wrote:

> tir, 20.01.2004 kl. 16.12 skrev Vegeta:
> 
>> 1. anonymous authentication does not require encryption
>> 2. simple authentication requires encryption
>> 
>> Is this possible?
> 
> Why would you want to? Do you have cracker friends? Think it through
> again. Read the manuals, follow the Quick start guide and then the Admin
> guide.
I currently have ldap (unencrypted) access on loopback (127.0.0.1) interface
and ldaps access (encrypted) on all interfaces.
There is some (not all) data I want to make available via anonymous access
and I don't need SSL/TLS to protect it.
There is some sensitive data I do not want to make available via anonymous
access, but through SSL encrypted simple (password) authentication.
What is the security hole you see?
I already read the Admin guide and it does not explain this setup.

> 
>> What would the slapd.conf look like?
> 
> Why?
> 
>> Vegeta
> 
> --Carnivor
> 

-- 
Fuera Chávez

Follow-Ups:
- Re: LDAP anonymous and encrypted simple authentication
  - From: Dieter Kluenter <dieter@dkluenter.de>
- Re: LDAP anonymous and encrypted simple authentication
  - From: Tony Earnshaw <tonye@billy.demon.nl>

References:
- LDAP anonymous and encrypted simple authentication
  - From: Vegeta <lord.vegeta@ica.luz.ve>
- Re: LDAP anonymous and encrypted simple authentication
  - From: Tony Earnshaw <tonye@billy.demon.nl>

Prev by Date: Re: Problems installing
Next by Date: Re: Authentication Modules / System-Auth
Index(es):
- Chronological
- Thread