Database Reference
In-Depth Information
</group>
</search>
</context>
</realm>
</security-manager>
true if you are using SSL, or false otherwise.
The network host name of either the Active Directory domain or a domain con‐
troller within the domain, and the TCP port to talk to the Active Directory LDAP
server on; TCP port 389 is usual, or 636 if you are using SSL.
The fully qualified Active Directory domain name.
The LDAP search base for your Active Directory, typically an organization unit
followed by the Active Directory domain name components.
The username of an Active Directory account, which may connect to the LDAP
server and interrogate the LDAP store.
The password of the Active Directory account being used.
Other Realm Modules
eXist also has authentication modules for OpenID and OAuth, but these are relatively
new and not yet completely integrated into the eXist Security Manager. They are
almost certainly not ready for production use; however, if you do need OpenID or
OAuth support, they could serve as a starting point for further development or dis‐
cussion with the eXist community.
The source code for these modules can be found in $EXIST_HOME/extensions/secu‐
rity . It is expected that these modules will be further developed in the near future and
added to a subsequent release of eXist.
Hardening
The topic of hardening focuses on taking a standard eXist installation and modifying
its defaults to make it more resilient to would-be intrusion. As eXist ships, it is in
pretty good shape from a security perspective, but it also needs to be usable by a wide
array of people for a variety of tasks, so some flexibility is afforded; there are several
additional things that can be done to increase the security of your installation. This
information is most pertinent if you are running an eXist server and providing access
to others, for example as a website or web services.
Search WWH ::




Custom Search