[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentication



"Devdas Bhagat" <devdas@worldgatein.net> wrote...
> Can I have an application open a connection to OpenLDAP-2.0.11
> and repeatedly bind to it as different users for the purpose of
> authentication? With just one connection opened and all required
> data being handled over the same channel.
> Essentially
> bind, retrieve data, repeat with different values.

that's possible, i'd say.. at least perLDAP (www.perldap.org) offers a
function to do this:

if ($conn->simpleAuth($dn, $PASS))
  print "authenticated!\n";
else
  print "failed!\n";

you may repeat this function several times with different dn/pass.
have a look at:
http://www.mozilla.org/directory/faq/perldap-faq.html#_ldap_10

> Is this workable, or would storing user passwords encrypted in LDAP
> and having each application verify them individually be better?

your storing userpasswords in LDAP anyway, i think. which solution is better
depends on the usecase, i'd say. opening multiple connections allows you to
benefit from a multithreaded LDAP e.g.

daniel