[EMAIL PROTECTED] wrote:
Thanks, Howard; I think I'm beginning to understand this.
So, the AUTHENTICATION piece is done by SASL using digest_md5, an
'external' connection to TLS, etc. But the AUTHORIZATION piece is
handled by the rules defined in the access control policy section of
slapd.conf, right?
Yes, basic principles of computer security. Authentication (who are
you?) is distinct from Authorization (what are you allowed to do?).
Thanks
tl
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
