[jira] [Updated] (DIRSERVER-1795) Add an ACI to RootDSE

Sun, 16 Jun 2019 07:57:15 -0700 


     [ 
https://issues.apache.org/jira/browse/DIRSERVER-1795?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Emmanuel Lecharny updated DIRSERVER-1795:
-----------------------------------------
    Component/s: rootDSE
                 aci

> Add an ACI to RootDSE
> ---------------------
>
>                 Key: DIRSERVER-1795
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1795
>             Project: Directory ApacheDS
>          Issue Type: Improvement
>          Components: aci, rootDSE
>    Affects Versions: 2.0.0-M10
>            Reporter: Kiran Ayyagari
>            Assignee: Kiran Ayyagari
>            Priority: Major
>             Fix For: 2.0.0-RC1
>
>
> We might want to have this ACI stored and updated in configuration partition 
> cause RootDSE is a virtual entry.
> The discussion that sparked this idea is given below.
>  Is there a way to disable anonymous access to rootDSE
> 3 messages
> Hammond, Steven <[email protected]>  Sat, Feb 2, 2013 at 3:22 AM
> Reply-To: [email protected]
> To: "[email protected]" <[email protected]>
> We need to satisfy a requirement that takes issue with being able to see who 
> the vendor of the directory server is without authenticating first.  I think 
> it will be a problem since authenticating uses SASL and rootDSE shows the 
> SASLmechanisms allowed, but maybe someone knows a way.
> Requirement is related to this page.  http://www.stigviewer.com/check/V-14797
> Thank you.
> Kiran Ayyagari <[email protected]>         Sat, Feb 2, 2013 at 10:33 AM
> To: [email protected]
> no, this is not currently possible
> [Quoted text hidden]
> -- 
> Kiran Ayyagari
> http://keydap.com
> Emmanuel Lécharny <[email protected]>       Sat, Feb 2, 2013 at 11:45 AM
> Reply-To: [email protected], [email protected]
> To: [email protected]
> Le 2/2/13 6:03 AM, Kiran Ayyagari a écrit :
> > no, this is not currently possible
> We may need to implement an ACI authz on the rootDSE, something we don't
> currently support.
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to