[
https://issues.apache.org/jira/browse/DIRSERVER-1240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12627676#action_12627676
]
Steve hammond commented on DIRSERVER-1240:
------------------------------------------
Some things we found out this weekend.
When logging in with NTLM, name (as an LdapDN) is not passed in. This is
because it is encrypted in credentials, and it is possible that the DN for the
name does not even exist on the LDAP server with distributed authentication.
However ApahchDS is assuming that if the name is not present, it must be
anonymous.
> After binding using NTLM, cannot query if AllowAnonymousAccess is off
> ---------------------------------------------------------------------
>
> Key: DIRSERVER-1240
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1240
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.3
> Environment: Running on Windows under JBOSS
> Reporter: Steve hammond
>
> After binding with NTLM, we can do a search and it says "Server has disabled
> anonymous binds"
> One weird part, after setting AllowAnonymousAccess(false) on directory
> service, I cannot even query sasl supported mechanisms.
> When I change that to true, but have apacheds.SetAllowAnonymousAccess(false),
> I can at least bind, but I cannot do any queries, getting above error.
> When i allow all anonymous, I can bind with NTLM and do queries, but I think
> the queries are being performed as anonymous.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
