server/config/PlainSASLMechanismHandlerConfiguration.xml

	PlainSASLMechanismHandlerConfiguration.xml revision d70586b00b9530ab99ab4b8f003e9a54793e419f
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller<?xml version="1.0" encoding="UTF-8"?>
088fa5d9eaa83bf4b3d59a64c0519f42a143aaa9Alin Brici<!--
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! CDDL HEADER START
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  !
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! The contents of this file are subject to the terms of the
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! Common Development and Distribution License, Version 1.0 only
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! (the "License").  You may not use this file except in compliance
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! with the License.
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  !
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! or http://forgerock.org/license/CDDLv1.0.html.
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! See the License for the specific language governing permissions
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! and limitations under the License.
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  !
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! When distributing Covered Code, include this CDDL HEADER in each
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! file and include the License file at legal-notices/CDDLv1_0.txt.
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  ! If applicable, add the following below this CDDL HEADER, with the
a20f25a11beaf0445cc53f4d56537cef3d26281eBrendan Mmiller  ! fields enclosed by brackets "[]" replaced with your own identifying
f39dc15e901a18aaac2ef6ca0d668bff5d35a9e4Brendan Mmiller  ! information:
f39dc15e901a18aaac2ef6ca0d668bff5d35a9e4Brendan Mmiller  !      Portions Copyright [yyyy] [name of copyright owner]
21dcdac963f79c098a5ea1a2c5c5e109429c9786Brendan Miller  !
21dcdac963f79c098a5ea1a2c5c5e109429c9786Brendan Miller  ! CDDL HEADER END
088fa5d9eaa83bf4b3d59a64c0519f42a143aaa9Alin Brici  !
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller  !
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller  !      Copyright 2007-2008 Sun Microsystems, Inc.
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller  ! -->
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller<adm:managed-object name="plain-sasl-mechanism-handler"
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  plural-name="plain-sasl-mechanism-handlers"
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  package="org.forgerock.opendj.server.config" extends="sasl-mechanism-handler"
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller  xmlns:adm="http://opendj.forgerock.org/admin"
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller  xmlns:ldap="http://opendj.forgerock.org/admin-ldap">
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  <adm:synopsis>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    The
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    <adm:user-friendly-name />
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    performs all processing related to SASL PLAIN
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    authentication.
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  </adm:synopsis>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  <adm:description>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    The PLAIN SASL mechanism provides the ability for clients to
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    authenticate using a username and password. This authentication
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    is very similar to standard LDAP simple authentication, with the
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller    exception that it can authenticate based on an authentication ID
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    (for example, a username) rather than requiring a full DN, and
f39dc15e901a18aaac2ef6ca0d668bff5d35a9e4Brendan Mmiller    it can also include an authorization ID in addition to the
f39dc15e901a18aaac2ef6ca0d668bff5d35a9e4Brendan Mmiller    authentication ID. Note that the SASL PLAIN mechanism does not
f39dc15e901a18aaac2ef6ca0d668bff5d35a9e4Brendan Mmiller    make any attempt to protect the password.
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  </adm:description>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller  <adm:profile name="ldap">
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    <ldap:object-class>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller      <ldap:name>ds-cfg-plain-sasl-mechanism-handler</ldap:name>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller      <ldap:superior>ds-cfg-sasl-mechanism-handler</ldap:superior>
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller    </ldap:object-class>
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller  </adm:profile>
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller  <adm:property-override name="java-class" advanced="true">
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller    <adm:default-behavior>
80a21b2f138c5017c1d929d4879bfc686d6841ebBrendan Miller      <adm:defined>
a20f25a11beaf0445cc53f4d56537cef3d26281eBrendan Mmiller        <adm:value>
a20f25a11beaf0445cc53f4d56537cef3d26281eBrendan Mmiller          org.opends.server.extensions.PlainSASLMechanismHandler
a20f25a11beaf0445cc53f4d56537cef3d26281eBrendan Mmiller        </adm:value>
a20f25a11beaf0445cc53f4d56537cef3d26281eBrendan Mmiller      </adm:defined>
a20f25a11beaf0445cc53f4d56537cef3d26281eBrendan Mmiller    </adm:default-behavior>
a20f25a11beaf0445cc53f4d56537cef3d26281eBrendan Mmiller  </adm:property-override>
a20f25a11beaf0445cc53f4d56537cef3d26281eBrendan Mmiller  <adm:property name="identity-mapper" mandatory="true">
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    <adm:synopsis>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller      Specifies the name of the identity mapper that is to be used
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller      with this SASL mechanism handler to match the authentication or
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller      authorization ID included in the SASL bind request to the
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller      corresponding user in the directory.
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller    </adm:synopsis>
80a21b2f138c5017c1d929d4879bfc686d6841ebBrendan Miller    <adm:syntax>
72b75f9642d4c117775b8613ccffddd5ff9c59a8Brendan Mmiller      <adm:aggregation relation-name="identity-mapper"
72b75f9642d4c117775b8613ccffddd5ff9c59a8Brendan Mmiller        parent-path="/">
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller        <adm:constraint>
80a21b2f138c5017c1d929d4879bfc686d6841ebBrendan Miller          <adm:synopsis>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller            The referenced identity mapper must be enabled when the
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller            <adm:user-friendly-name />
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller            is enabled.
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller          </adm:synopsis>
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller          <adm:target-needs-enabling-condition>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller            <adm:contains property="enabled" value="true" />
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller          </adm:target-needs-enabling-condition>
80a21b2f138c5017c1d929d4879bfc686d6841ebBrendan Miller          <adm:target-is-enabled-condition>
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller            <adm:contains property="enabled" value="true" />
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller          </adm:target-is-enabled-condition>
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller        </adm:constraint>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller      </adm:aggregation>
bfd9faff49961e9db7b92f310d59923fd6234372Brendan Mmiller    </adm:syntax>
0c5e7ab011ba63c40aeb6c924bb888b21e481f59Brendan Mmiller    <adm:profile name="ldap">
e7bcfc8fc3a59824ed58768c7ef24163fed628cfBrendan Mmiller      <ldap:attribute>
877835274f73615fe922911749e4de093fb26cceBrendan Mmiller        <ldap:name>ds-cfg-identity-mapper</ldap:name>
e7bcfc8fc3a59824ed58768c7ef24163fed628cfBrendan Mmiller      </ldap:attribute>
72b75f9642d4c117775b8613ccffddd5ff9c59a8Brendan Mmiller    </adm:profile>
1865547d14d52f49a59e81d183910420f25dcecaBrendan Mmiller  </adm:property>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller</adm:managed-object>
3a666413480ef97101461705e1f47cbab0266301Brendan Mmiller