test

Sun Java System Web Proxy Server 4.0.2 2005Q4 Administration Guide

Installing the Digest Authentication Plug-in

For Digest authentication using an LDAP-based directory service, you must install the Digest authentication plug-in. This plug-in computes a digest value on the server side, and compares this against the digest value provided by the client. If the digest values match, the user is authenticated.

If you are using a file-based authentication database, you do not need to install the Digest authentication plug-in.

Installing the Digest Authentication Plug-in on UNIX

The Digest authentication plug-in consists of a shared library found in both:

ProcedureTo install the Digest authentication plug-in on UNIX

Steps

  1. Make sure this shared library resides on the same server computer on which the Sun Java System Directory Server is installed.

  2. Make sure you know the Directory Manager password.

  3. Modify the libdigest-plugin.ldif file changing all references to /path/to to the location where you installed the digest plug-in shared library.

  4. To install the plug-in, enter the command:

    % ldapmodify -D "cn=Directory Manager" -w password -a < libdigest-plugin.ldif

Installing the Digest Authentication Plug-in on Windows

You must copy several .dll files from the Proxy Server installation to your Sun Java System Directory Server server computer for the Directory Server to start properly with the Digest plug-in.

ProcedureTo install the Digest authentication plug-in on Windows

Steps

  1. Access the shared libraries in Proxy Server in:

    server_root\\bin\\proxy\\bin

  2. Copy the files:

    • nsldap32v50.dll

      • libspnr4.dll

      • libplds4.dll

  3. Paste them into either:

    • \\Winnt\\system32

      • The Sun Java System Directory Server install directory: server_root\\bin\\sldap\\server

Setting the Sun Java System Directory Server to Use the DES Algorithm

The DES algorithm is needed to encrypt the attribute where the digest password is stored.

ProcedureTo set the Directory Server to use the DES algorithm

Steps

  1. Launch the Sun Java System Directory Server Console.

  2. Open your iDS 5.0 instance.

  3. Select the Configuration tab.

  4. Click the + sign next to plug-ins.

  5. Select the DES plug-in.

  6. Choose Add to add a new attribute.

  7. Enter iplanetReversiblePassword.

  8. Click Save.

  9. Restart your Sun Java System Directory Server instance.

    Note –

    To set a Digest authentication password in the iplanetReversiblePassword attribute for a user, your entry must include the iplanetReversiblePasswordobject object.