[Date Prev][Date Next] [Chronological] [Thread] [Top]

Correct way to verify inetOrgPerson userPassword?

To: openldap-software@OpenLDAP.org
Subject: Correct way to verify inetOrgPerson userPassword?
From: trebor iksrazal <iksrazal@yahoo.com>
Date: Mon, 22 Mar 2004 09:28:07 -0800 (PST)

We have lots of users, each with a cn, and a
inetOrgPerson userPassword attribute for every cn. We
currently do not bind with this password. 

Currently I recieve a user-typed password, search ldap
for the user-typed cn, download the userPassword from
ldap via a cn search, and finally match the user
entered password with what I recieved from ldap. I am
doing the match programmatically. 

Yet, it seems like a security flaw to download the
password. Can openldap do the match itself somehow? Is
there a better way to do our program's access
authentication? 

iksrazal

__________________________________
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.
http://taxes.yahoo.com/filing.html

Follow-Ups:
- Re: Correct way to verify inetOrgPerson userPassword?
  - From: "Pierangelo Masarati" <ando@sys-net.it>

Prev by Date: Re: synchronisation of LDAP with non-ldap data
Next by Date: gidNumber, uidNumber, memberUid semantic
Index(es):
- Chronological
- Thread