[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: binding with crypted password
Pierre BARIDON wrote:
> is it possible to bind with a crypted password ?
Possible: yes.
You may store the crypt representation of your password as a clear text
password in LDAP. But be careful to not "forget", that that wouldn't be
a crypted password anymore, but just a cleartext password reading
"c4jHzC08CN.ug" in stead of "foo".
You'll have to decide on your own whether this makes sense in your case
or not.
Note: You will definitively _not_ be able to store a crypted password
in LDAP like
userpassword: {crypt}c4jHzC08CN.ug
and, after that, bind with the crypted string. That's because it won't
make _any_ sense to store a password crypted, if you can afterwards use
the encrypted string as a password as well.
If you don't have to _bind_, there is another possibility:
You may add an additional filter to your search, like
"userpassword={crypt}c4jHzC08CN.ug". Though this requires "compare"
access to the userpassword attribute, a possible security problem.
hth,
daniel
--
Experience is something you don't get until just after you need it.