Hi,
I have a Active Directory for which I can connect using simple
JAVA calls. Like setting
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://"+domain+":389");
env.put(Context.SECURITY_PRINCIPAL, userName);
env.put(Context.SECURITY_CREDENTIALS, password);
this works. But I want to enhance the security here. Should I go for SSL or SASL? (if so how to enable them in my active directory? and what changes I might require in my code?)
And what are "simple", "Digetst-MD5", and "GSSAPI" mechanisms? are they part of different mechanism of SASL authentication?
My queries are:
1. How to enable SSL and SASL ( "simple", "Digetst-MD5", and "GSSAPI" ) in my Active Directory.
2. If my ldap client application wants to connect to different person's active directory, then how should I come to know which sort of authentication that AD supports? ( is it through supportedSASLMechanisms property of active directory? but to fetch these property, we have to connect to this AD first!!! )
I really got confused with SSL/TLS/SASL/simple/Digest-MD5/GSSAPI/Anonymous/External type of authentication...

Don't know how to set them in my active directory and also not getting how to check which one is being configured in my setup

Any help to clarify my doubts will be helpful.
Regards,