[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: [ldapext] draft-behera-ldap-password-policy - bind behaviour when pwd must be changed

To: ldapext@ietf.org
Subject: RE: [ldapext] draft-behera-ldap-password-policy - bind behaviour when pwd must be changed
From: John McMeeking <jmcmeek@us.ibm.com>
Date: Fri, 21 Nov 2003 09:09:52 -0600




Andrew Sciberras wrote:

> I really believe that the compare should fail as well.
> The description for the 'Compare Operation':
> "The compare operation MAY be used to compare a password. This might
>  be performed when a client wishes to verify that user's supplied
>  password is correct. An example of this is an LDAP HTTP
>  authentication redirector. It may be desirable to use this rather
>  than performing a bind operation in order to reduce possible
>  overhead involved in performing a bind."
>
> Surely this is the exact scenario for which we are having this
> discussion; a client using the directory to authenticate someone's
> password to grant them access to another service.

I agree.  I forgot about compare in my discussions.


John  McMeeking


_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Prev by Date: RE: [ldapext] draft-behera-ldap-password-policy - bind behaviour when pwd must be changed
Next by Date: Re: [ldapext] draft-behera-ldap-password-policy - bind behaviour when pwd must be changed
Index(es):
- Chronological
- Thread