Hello everyone, My name is Kevin and I am writing to ask a question about access to ApacheDS 2.0.0-M2. Currently I have a bunch of users set up and the apacheds is used to authenticate the users on my website. My question is about accessing the apacheds. On my Apache Directory Studio, I can login as admin and see everything. The problem is that I can also log in as any other user in the database and I can see other user's information. Not sure if I am being clear.
If someone has their own username and password and also the port and address of my server, they can login (using Apache Directory Studio or any other client) and see all of the records. Obviously the passwords are hashed, but it is still a liability for the users to be able to see e-mails/etc of other users. Is there any way to limit the information that certain users can see (ie, they could login, but not see any records)? Please let me know soon. Thanks, Kevin