ApacheDS 2.0
Downloads
Documentation
- Basic User Guide
- Advanced User Guide
- Developer Guide
- Kerberos User Guide
- Configuration
- JavaDocs
- Cross-Reference
Support
Community
About Apache
4.1.2.4 - SASL GSSAPI Authentication
This authentication mechanism is specified in the following RFCs :
* [RFC 4752](https://tools.ietf.org/html/rfc4752)
It’s more specifically used for Kerberos V5 authentication. As Apache Directory Server is also a Kerberos Server, it comes as a natural extension of the server.
It requires some configuration though.
Configuration
The idea is for the LDAP server to delegate the authentication to the Kerberos Server.
Usage
MessageType : BIND_REQUEST Message ID : 1 BindRequest Version : ‘3’ Name : '’ Sasl credentials Mechanism :‘GSSAPI’ Credentials : (omitted-for-safety)
MessageType : BIND_RESPONSE Message ID : 1 BindResponse Ldap Result Result code : (SASL_BIND_IN_PROGRESS) saslBindInProgress – new Matched Dn : ‘null’ Diagnostic message : ‘null’ Server sasl credentials : '’