An Authentication ID is an identifier that is used by a client to identify itself to the Directory Server for certain kinds of SASL Mechanisms (e.g., CRAM-MD5 SASL Mechanism, DIGEST-MD5, and PLAIN SASL Mechanism). It can be used to allow a client to identify itself with a username (or other friendly identifier) rather than a DN.
In most cases, an Authentication ID should be specified in one of the following forms:
- The string "dn:" followed by the distinguished name of the target user (or just the string "dn:" if the authentication identity should be that of the anonymous user).
- The string "u:" followed by a username used to identify the user. An identity mapper will be used to map the provided username to the corresponding user LDAP Entry.