Chapter 7. Securing the Data
At this point you know how to write LDAP clients that perform most of the basic operations. You can write clients that search, add, modify, and delete entries in the directory.
You probably want most users to be able to make changes to only a subset of records, if any, rather than to the entire directory. To control access to the directory and restrict the permissions to add, modify, and delete entries, you can set up access control lists in the directory server. When LDAP clients authenticate to the server, the directory server can then determine whether or not the client is allowed to add, modify, or delete a particular entry.
You may also want to prevent outsiders from eavesdropping on communications between your ...
Get LDAP Programming with Java™ now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
