[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Valid characters in username and password?



Kurt,

   That helps. I'm also interested in how this relates to looking up
usernames with a filter. Let's say I want to look up "bob", so I
search for "(|(cn=bob))". And I get a hit. Well, what if I want to
lookup something bogus like "tr)@*(((D=+-JK34" Those parentheses,
stars, and equal signs will mess up my ldap filter if I plug them
right in:

bob
"(|(cn=bob))"
Valid search filter

tr)@*(((D=+-JK34
"(|(cn=tr)@*(((D=+-JK34))"
Invalid search filter

   Is there anyway to know which characters to filter, or anyway to
escape them (like with a backslash in C?)

  - Jeremiah
  inlovewithGod@gmail.com

On 8/11/05, Kurt D. Zeilenga <Kurt@openldap.org> wrote:
> At 06:42 AM 8/11/2005, Jeremiah Martell wrote:
> >What characters are valid in a LDAP username or password?
> 
> OpenLDAP Software generally uses userPassword for passwords,
> its an octetString compared octetwise per RFC 2256.  Client
> software is responsible for ensuring any character data in
> passwords is presented in a common way on the wire.
> 
> Usernames in LDAP are generally DNs.  OpenLDAP Software does
> not place significant restrictions on the kinds of values one
> can use in naming.
> 
> (OpenLDAP supports SASL, usernames and passwords (where used)
> depend on the mechanism involved.)
> 
> Kurt
> 
>