Security configuration between the proxy and the remote LDAP servers can be configured as follows:
During installation of Sun OpenDS Standard Edition proxy, by using the vdp-setup GUI. For more information, see To Set Up the Proxy Using the vdp-setup GUI in Sun OpenDS Standard Edition 2.2 Installation Guide.
After installation of Sun OpenDS Standard Edition proxy, by using the dsconfig command in interactive mode. For general information about using the dsconfig command, see Configuring the Server With dsconfig.
For security management, network groups can be enabled to classify incoming client connections. You can use network groups to restrict operations that can be performed based on how the connection has been classified. Use this functionality, for example, to restrict access to clients that connect from a specified IP address only. For more information, see Configuring Network Groups.
For secure client authentication between the proxy and remote LDAP servers, the certificate of the proxy must be imported into the truststore of each remote LDAP server. In this case, for Sun OpenDS Standard Edition proxy, a keystore is mandatory. The keystore must be configured manually. For details, see Configuring Key Manager Providers.
The security of Sun OpenDS Standard Edition proxy does not bypass the back-end ACI.