[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Valid characters in username and password?
Kurt,
That helps. I'm also interested in how this relates to looking up
usernames with a filter. Let's say I want to look up "bob", so I
search for "(|(cn=bob))". And I get a hit. Well, what if I want to
lookup something bogus like "tr)@*(((D=+-JK34" Those parentheses,
stars, and equal signs will mess up my ldap filter if I plug them
right in:
bob
"(|(cn=bob))"
Valid search filter
tr)@*(((D=+-JK34
"(|(cn=tr)@*(((D=+-JK34))"
Invalid search filter
Is there anyway to know which characters to filter, or anyway to
escape them (like with a backslash in C?)
- Jeremiah
inlovewithGod@gmail.com
On 8/11/05, Kurt D. Zeilenga <Kurt@openldap.org> wrote:
> At 06:42 AM 8/11/2005, Jeremiah Martell wrote:
> >What characters are valid in a LDAP username or password?
>
> OpenLDAP Software generally uses userPassword for passwords,
> its an octetString compared octetwise per RFC 2256. Client
> software is responsible for ensuring any character data in
> passwords is presented in a common way on the wire.
>
> Usernames in LDAP are generally DNs. OpenLDAP Software does
> not place significant restrictions on the kinds of values one
> can use in naming.
>
> (OpenLDAP supports SASL, usernames and passwords (where used)
> depend on the mechanism involved.)
>
> Kurt
>
>