LDAP
Users can now choose SSL (Secure Socket Layer) for communications between Cradle clients and an LDAP server.
A second LDAP authentication method has been provided in which a user enters a username and password to a Cradle client or command-line utility and this username and password are passed as clear text (optionally over a SSL connection) to bind to an LDAP server. If the bind is successful this validates the username and password with LDAP, and if the username exists as a Cradle username in the specified project, then the user is logged-in to the Cradle project with that username.
This mechanism effectively bypasses the Cradle password and allows the user to use any username provided that they know the LDAP password for this user.
The LDAP authentication method provided in Cradle-5.4 is still available. In this method, the Cradle clients and command-line utilities do not need a username or password to be specified, only the project code of the desired project. The Cradle client or utility binds anonymously to the LDAP server (or binds with fixed details specified in Cradle’s LDAP configuration files) and searches for the current network username (the Windows or UNIX username). If this is found, and the username exists in the specified Cradle project, the user is allowed access to the project with that username.
|
