Using SASL Authentication
RFC 2222 ("Simple Authentication and Security Layer") proposes a method for adding authentication support to connection-based protocols. The protocol (LDAP in this case) supports a command to identify and authenticate a user to the server.
The command requires that you specify the name of the mechanism to use for authentication. Netscape Directory Server supports the use of SASL mechanisms through server plug-ins. You can write a server plug-in that handles authentication through a SASL mechanism. SASL mechanisms are registered with the IANA (Internet Assigned Numbers Authority) and have names such as "CRAM-MD5," "GSSAPI," and "KERBEROS_V4." The same mechanism can be used with many protocols—LDAP, IMAP (Internet Message ...
Get LDAP Programming with Java™ now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
