java - What all authentications are taken care of by UnboundId SDK? -


i have active directory on cloud. in our web app using ldap. in discussion build mobile application our enterprise. searched ldap client sdk , got unboundid ldap sdk java. saw examples not figure out how secure use sdk. authentication measure provide? encryption techniques can used it? there other api or sdk can use more secure , reliable?

please help. in advance.

the unboundid ldap sdk java supports ldap simple authentication, number of sasl mechanisms, including anonymous, cram-md5, digest-md5, external, gssapi, , plain. basically, @ subclasses of com.unboundid.ldap.sdk.bindrequest, , many of them have examples demonstrate use.

but since mentioned you're building mobile application, it's important note cram-md5, digest-md5, , gssapi not supported on android because depend on java se feature isn't available in android's java implementation.

as far encryption methods supported, ldap sdk supports encrypting communication ssl/tls, securing existing unencrypted connection via starttls extended operation. if you're using digest-md5 or gssapi authentication , server supports it, may able use sasl integrity or confidentiality qop mechanisms.

also, cram-md5, digest-md5, , gssapi allow authenticate on insecure connection without divulging credentials because provide own mechanism protecting credentials in flight. however, recommend using mechanism protects communication since bind credentials aren't kinds of sensitive information might sent on ldap, , mechanisms don't support protecting credentials when used outside of bind (e.g., when changing password or retrieving them in search result entry).


Comments

Post a Comment

Popular posts from this blog

javascript - RequestAnimationFrame not working when exiting fullscreen switching space on Safari -

request animation frame stops working when exiting fullscreen clicking on original space's safari window. fine if fullscreen mode canceled escape key or calling cancelfullscreen(). steps reproduce: open https://dl.dropboxusercontent.com/u/769042/prezi/safari-fullscreen.html click "draw raf", kittie appears click "fullscreen", go fullscreen click "draw raf", kittie appears go space original safari was, showing "click exit fullscreen mode", click anywhere, out fullscreen click "draw raf", nothing happens what handling click calling: window.requestanimationframe(draw); which draws on canvas context: function draw() { ctx.drawimage(img, math.random()*500|0, math.random()*400|0, 100, 100); } i checked .hidden , .visibilitystate, updated correctly. tested on osx 10.9.3, safari 7.0.4 (9537.76.4). has workaround/solution other switching old settimeout? this sounds webkit bug 88940 : using reque
Read more

Python ctypes access violation with const pointer arguments -

i have api i'm trying wrap in python (2.7.6 on win7) code using ctypes. here's api: client_dllfunc bool clientapi search_exporttoclipcopy(clienthsearch handle, int channel, lpctstr filename, const time_t& from, const time_t& to, const bool* cameras, int length, bool usepassword, lpctstr password, bool includetextin = false, bool excludeplayer = false); the issue i'm having cameras argument; , i've had issue other const pointer arguments well. here's how i'm wrapping api: def search_exporttoclipcopy(self, hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, password, includetextin=true, excludeplayer=false): exporttoclipcopy = self.sdkdll.search_exporttoclipcopy exporttoclipcopy.argtypes = [c_int, c_int, c_wchar_p, c_long, c_long, pointer(c_bool), c_int, c_bool, c_wchar_p, c_bool, c_bool] exporttoclipcopy.restype = c_bool exporttoclipcopy(hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, pass
Read more