2012/11/22 Pierre-Arnaud Marcelot <[email protected]>
>
> It should be complicated to disable anonymous access on 2.0.
>
Is possible to restrict anonymous read access only to userPassword field
and write access for anybody except admin account?
How can I implement with ApacheDS something like:
access to attrs=userPassword
by self write
by anonymous auth
by * none
access to *
by * read
in OpenLDAP?
--
Regards,
Eugene Prokopiev
>
> Regards,
> Pierre-Arnaud
>
>
> On 22 nov. 2012, at 14:09, Eugene Prokopiev <[email protected]> wrote:
>
> > Hi,
> >
> > Is it possible to disable anonymous access for embedded ApacheDS? I tried
> > to do this:
> >
> > public class Application {
> > public static void main(String[] args) throws Exception {
> > DirectoryService directory = new DefaultDirectoryService();
> > directory.startup();
> > LdapServer ldap = new LdapServer();
> > ldap.setDirectoryService(directory);
> > ldap.setAllowAnonymousAccess(false);
> > ldap.setTransports(new TcpTransport(10389));
> > ldap.start();
> > }
> > }
> >
> > But result was:
> >
> > $ ldapsearch -h localhost -p 10389 -x -b "ou=system"
> > # extended LDIF
> > #
> > # LDAPv3
> > # base <ou=system> with scope subtree
> > # filter: (objectclass=*)
> > # requesting: ALL
> > #
> >
> > # system
> > dn: ou=system
> > objectClass: organizationalUnit
> > objectClass: extensibleObject
> > objectClass: top
> > ou: system
> >
> > ...
> >
> > I used version 1.5.5, because 2.0 is not released now and 1.5.7 requires
> > more verbose code. Is it possible to disable anonymous access with 1.5.7
> or
> > 2.0?
> >
> > --
> > Regards,
> > Eugene Prokopiev
>
>
--
С уважением,
Прокопьев Евгений
