Using Certificate-Based Authentication

If you are connecting over SSL, you can use digital certificates to authenticate your LDAP client to the directory server. In certificate-based client authentication, the directory server requests a certificate from the client during the handshake portion of the protocol. The client sends a certificate that identifies itself (using a DN in the certificate) to the server. The server examines the certificate to determine if it trusts the certificate authority that issued the certificate. The server then determines if the DN in the certificate corresponds to a user in the directory. If these steps complete successfully, the client is authenticated.
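The client side of this exchange, as an added example that is not taken from the book: it uses the JDK's JNDI LDAP provider with a SASL EXTERNAL bind, which is one common way to request certificate-based authentication. The host name, store paths and environment variable names are placeholders and assumptions.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.CommunicationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class CertBindExample {
    // Read a secret from the environment so it is not hard-coded in source.
    static String env(String name) {
        String v = System.getenv(name);
        if (v == null) throw new IllegalStateException("set " + name);
        return v;
    }

    public static void main(String[] args) throws NamingException {
        // Placeholder paths (assumptions). The key store holds the client's private
        // key and certificate; the trust store holds the CA that issued the server's.
        System.setProperty("javax.net.ssl.keyStore", "/path/to/client.p12");
        System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
        System.setProperty("javax.net.ssl.keyStorePassword", env("KEYSTORE_PASS"));
        System.setProperty("javax.net.ssl.trustStore", "/path/to/truststore.p12");
        System.setProperty("javax.net.ssl.trustStoreType", "PKCS12");
        System.setProperty("javax.net.ssl.trustStorePassword", env("TRUSTSTORE_PASS"));

        Hashtable<String, Object> props = new Hashtable<>();
        props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        props.put(Context.PROVIDER_URL, "ldaps://ldap.example.com:636"); // placeholder host
        // SASL EXTERNAL: no DN or password is sent in the bind; the server takes the
        // identity from the certificate presented during the SSL handshake.
        props.put(Context.SECURITY_AUTHENTICATION, "EXTERNAL");

        LdapContext ctx = null;
        try {
            ctx = new InitialLdapContext(props, null);
            System.out.println("Bind succeeded: the server mapped the certificate to a user");
        } catch (CommunicationException e) {
            // Typically the SSL layer: unreachable host, or one side rejected the
            // other's certificate (for example an issuing CA that is not trusted).
            System.err.println("Connection or handshake failed: " + e);
        } catch (AuthenticationException e) {
            // Handshake completed, but the bind was refused: typically the DN in
            // the certificate does not correspond to a user in the directory.
            System.err.println("Certificate not accepted for bind: " + e);
        } finally {
            if (ctx != null) ctx.close();
        }
    }
}
```

The two catch blocks line up with the two server-side checks described above, which helps when diagnosing whether a failure is a CA trust problem or a certificate-to-user mapping problem.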

As part of the SSL Handshake Protocol, the server can also ...
