Author: elecharny Date: Wed Apr 3 11:52:30 2013 New Revision: 1463936 URL: http://svn.apache.org/r1463936 Log: Updated the Authn chapters Added: directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext Modified: directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext Modified: directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext?rev=1463936&r1=1463935&r2=1463936&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4-authentication-and-authorization.mdtext Wed Apr 3 11:52:30 2013 @@ -1,8 +1,10 @@ Title: 4 - Authentication & Authorization NavPrev: 3-admin-model.html -NavPrevText: 3 Administrative Model +NavPrevText: 3 - Administrative Model NavUp: ../advanced-user-guide.html NavUpText: Advanced User Guide +NavNext: 5-administration.html +NavNextTest: 5 - Administration Notice: Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information @@ -24,28 +26,42 @@ Notice: Licensed to the Apache Software ## Chapter content -* [4.5 - Authorization](4.5-authorization.html) - * [4.5.1 - Introduction](4.5.1-introduction.html) - * [4.5.2 - Definitions](4.5.2-definitions.html) - * [4.5.3 - Enabling Access Control](4.5.3-enabling-access-control.html) - * [4.5.4 - ACI Types](4.5.4-aci-types.html) - * [4.5.4.1 - Entry ACI](4.5.4.1-entryaci.html) - * [4.5.4.2 - Prescriptive ACI](4.5.4.2-prescriptiveaci.html) - * [4.5.4.3 - Subentry ACI](4.5.4.3-subentryaci.html) - * [4.5.5 - ACI Elements](4.5.5-aci-elements.html) - * [4.5.5.1 - User Classes](4.5.5.1-userclasses.html) - * [4.5.5.2 - Protected Items](4.5.5.2-protecteditems.html) - * [4.5.5.3 - Permissions](4.5.5.3-permissions.html) - * [4.5.5.4 - Subtrees](4.5.5.4-subtrees.html) - * [4.5.6 - The ACDF Engine](4.5.6-the-acdf-engine.html) - * [4.5.6.1 - How it works](4.5.6.1-how-it-works.html) - * [4.5.6.2 - Selections](4.5.6.2-selections.html) - * [4.5.6.3 - Constraints](4.5.6.3-constraints.html) - * [4.5.6.4 - Priority](4.5.6.4-priority.html) - * [4.5.7 - Using ACIs Trail](4.5.7-using-acis-trail.html) - * [4.5.7.1 - Enable Authenticated Users to Browse and Read Entries](4.5.7.1-enable-authenticated-users-to-browse-and-read-entries.html) - * [4.5.8 - ACI Administration](4.5.8-aci-administration.html) - * [4.5.9 - Migration from other LDAP Servers](4.5.9-migration-from-other-ldap-servers.html) - * [4.5.10 - ACI grammar](4.5.10-aci-grammar.html) - * [4.5.11 - Links and References](4.5.11-links-and-references.html) +* [4.1 - Authentication](4.1-authentication.html) + * [4.1.1 - Simple authentication](4.1.1-simple-authn.html) + * [4.1.1.1 - Anonymous Authentication](4.1.1.1-anonymous-authn.html) + * [4.1.1.2 - Name/Password Authentication](4.1.1.2-name-password-authn.html) + * [4.1.1.2 - Unauthenticated Authentication](4.1.1.2-unauthenticated-authn.html) + * [4.1.2 - SASL authentication](4.1.3-sasl-authn.html) + * [4.1.2.1 - SASL anonymous Authentication](4.1.2.1-sasl-anonymous-authn.html) + * [4.1.2.2 - SASL plain text Authentication](4.1.2.2-sasl-plain-text-authn.html) + * [4.1.2.3 - SASL GSSAPI Authentication](4.1.2.3-sasl-gssapi-authen.html) + * [4.1.2.4 - SASL CRAM-MD5 Authentication](4.1.2.4-sasl-cram-md5-authen.html) + * [4.1.2.5 - SASL DIGEST-MD5 Authentication](4.1.2.5-sasl-digest-md5-authen.html) + * [4.1.2.6 - SASL EXTERNAL Authentication](4.1.2.6-sasl-external-authen.html) + * [4.1.3 - Kerberos authentication](4.1.3-kerberos-authentication.html) + * [4.1.4 - Client authentication through certificates](4.1.4-certificate-authn.html) +* [4.2 - Authorization](4.2-authorization.html) + * [4.2.1 - Introduction](4.2.1-introduction.html) + * [4.2.2 - Definitions](4.2.2-definitions.html) + * [4.2.3 - Enabling Access Control](4.2.3-enabling-access-control.html) + * [4.2.4 - ACI Types](4.2.4-aci-types.html) + * [4.2.4.1 - Entry ACI](4.2.4.1-entryaci.html) + * [4.2.4.2 - Prescriptive ACI](4.2.4.2-prescriptiveaci.html) + * [4.2.4.3 - Subentry ACI](4.2.4.3-subentryaci.html) + * [4.2.5 - ACI Elements](4.2.5-aci-elements.html) + * [4.2.5.1 - User Classes](4.2.5.1-userclasses.html) + * [4.2.5.2 - Protected Items](4.2.5.2-protecteditems.html) + * [4.2.5.3 - Permissions](4.2.5.3-permissions.html) + * [4.2.5.4 - Subtrees](4.2.5.4-subtrees.html) + * [4.2.6 - The ACDF Engine](4.2.6-the-acdf-engine.html) + * [4.2.6.1 - How it works](4.2.6.1-how-it-works.html) + * [4.2.6.2 - Selections](4.2.6.2-selections.html) + * [4.2.6.3 - Constraints](4.2.6.3-constraints.html) + * [4.2.6.4 - Priority](4.2.6.4-priority.html) + * [4.2.7 - Using ACIs Trail](4.2.7-using-acis-trail.html) + * [4.2.7.1 - Enable Authenticated Users to Browse and Read Entries](4.2.7.1-enable-authenticated-users-to-browse-and-read-entries.html) + * [4.2.8 - ACI Administration](4.2.8-aci-administration.html) + * [4.2.9 - Migration from other LDAP Servers](4.2.9-migration-from-other-ldap-servers.html) + * [4.2.10 - ACI grammar](4.2.10-aci-grammar.html) + * [4.2.11 - Links and References](4.2.11-links-and-references.html) Added: directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext?rev=1463936&view=auto ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext (added) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext Wed Apr 3 11:52:30 2013 @@ -0,0 +1,52 @@ +Title: 4.1. Authentication +NavPrev: 4-authentication-and-authorization.html +NavPrevText: 4 - Authentication & Authorization +NavUp: 4-authentication-and-authorization.html +NavUpText: 4 - Authentication & Authorization +NavNext: 4.2-authorization.html +NavNextText: 4.2 - Authorization +Notice: Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + . + http://www.apache.org/licenses/LICENSE-2.0 + . + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. + +# 4.1. Authentication + +## Chapter content + + * [4.1.1 - Simple authentication](4.1.1-simple-authn.html) + * [4.1.1.1 - Anonymous Authentication](4.1.1.1-anonymous-authn.html) + * [4.1.1.2 - Name/Password Authentication](4.1.1.2-name-password-authn.html) + * [4.1.1.2 - Unauthenticated Authentication](4.1.1.2-unauthenticated-authn.html) + * [4.1.2 - SASL authentication](4.1.3-sasl-authn.html) + * [4.1.2.1 - SASL anonymous Authentication](4.1.2.1-sasl-anonymous-authn.html) + * [4.1.2.2 - SASL plain text Authentication](4.1.2.2-sasl-plain-text-authn.html) + * [4.1.2.3 - SASL GSSAPI Authentication](4.1.2.3-sasl-gssapi-authen.html) + * [4.1.2.4 - SASL CRAM-MD5 Authentication](4.1.2.4-sasl-cram-md5-authen.html) + * [4.1.2.5 - SASL DIGEST-MD5 Authentication](4.1.2.5-sasl-digest-md5-authen.html) + * [4.1.2.6 - SASL EXTERNAL Authentication](4.1.2.6-sasl-external-authen.html) + * [4.1.3 - Kerberos authentication](4.1.3-kerberos-authentication.html) + * [4.1.4 - Client authentication through certificates](4.1.4-certificate-authn.html) + +**LDAP** is a connected protocol. That means you should create a session before being able to fetch some data from the server. This session is created through an authentication process. + +There are two different types of authentication on LDAP : +* Simple +* SASL + +We will describe those two kind of authentication, and will also describe how this can be leveraged by some specific authentication mechanisms, like Kerberos or based on certificates. + +Last, not least, the **Anonymous** authentication will be explain in a separate chapter, even if it's a part of the Simple authentication mechanism. +