blocking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> We have just migrated from openldap to fedora, and have realized with 
> horror that some authentication clients (for example CAS) are giving the 
> OK to users who submit un empty password string.
> 
> We have been going slowly mad trying to find how to block this in the 
> configuration.

FDS only cares about the bind method when evaluating access control to 
data. When only using the external bind interface, AFAIK there is 
currently no way to disable anonymous binds from succeeding with FDS.

One could write a pre authentication plugin which, when enabled, would 
prevent anonymous binds from succeeding and send the unwilling to 
perform back to the client.


BR,
--
mike
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux