Sun Java System Directory Server Enterprise Edition 6.3 Deployment Planning Guide

Directory Proxy Server and Security

Directory Proxy Server accommodates large numbers of users who are accessing the directory and minimizes the security risks associated with providing this level of access. Security features enable administrators to determine where a request is coming from, whether the request is allowed, and what type of authentication is required. In the event of a search request, Directory Proxy Server can also ensure that the request meets minimum requirements.

Directory Proxy Server uses groups to define how to identify an LDAP client and what restrictions to enforce on clients that match a particular group. Groups can be defined using a variety of criteria.

To protect private directory information from unauthorized access, Directory Proxy Server can configure a fine-grained access control policy on LDAP directories. Such a policy can include controlling who can perform different types of operations on different parts of directories. Directory Proxy Server can be configured to prevent certain kinds of operations typically performed by web trawlers and robots in search of information.