LDAP server
Click on the red underlined text to get to the source
...
LDAP server implementations MUST support the anonymous authentication
mechanism of the simple Bind method ...
... Some of these mechanisms are discussed below.
LDAP server implementations SHOULD support client assertion of
authorization identity ...
... 5.2.3).
LDAP server implementations that support no authentication mechanism
other than the anonymous mechanism ...
... opaque
binary tokens of arbitrary length. LDAP servers use the
serverSaslCreds field (an OCTET STRING) in a BindResponse message to
transmit each challenge. LDAP clients ...
... LDAP session state. LDAP servers SHOULD allow all clients --
even those with an anonymous authorization ...
... SASL EXTERNAL ([RFC4422], Appendix A) mechanism
to request the LDAP server to authenticate and establish a resulting
authorization identity ...
... client program might
make a decision to grant access to non-directory information on the
basis of successfully completing a Bind operation. LDAP server
implementations may return a success response to an unauthenticated
Bind request. This may erroneously leave the client ...