[MGNLLDAP-35] Allow anonymous binding Created: 06/Apr/10 Updated: 27/Nov/13 Resolved: 06/Apr/10 |
|
| Status: | Closed |
| Project: | LDAP Connector |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 1.4 |
| Type: | Improvement | Priority: | Major |
| Reporter: | Magnolia International | Assignee: | Magnolia International |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||
| Description |
|
We currently don't allow anonymous binding; the java.naming.security.principal property must be set to the exact DN (minus the user id which is substituted) to connect to ldap. This makes it impossible to authenticate users which are stored in different sub-ou (organizational units). (unless each of them is configured specifically) Many ldap setups allow anonymous binding and authentication once the user record is found. |
| Comments |
| Comment by Magnolia International [ 06/Apr/10 ] |
|
This seems somewhat like a duplicate of It could be that r12496 prevented it from ever working; at least with non-AD directories anyway. Will need to consolidate all of this. |