Re: Debugging a user authentication

[Michael Ströder <michael@stroeder.com>]

Hallvard B Furuseth wrote:
> Michael Ströder writes:
> > Hallvard B Furuseth wrote:
> > > Howard Chu writes:
> > > [Pulling last line up front]
> > > > userPassword is a string of *octets* not *characters*...
> > > This is backwards.  That simply means anything can be stored there
> > > - so password charset policy, if any, is up to whoever stores
> > > userPassword values.
> > Yupp. And this lead to interop problems.
>
> Well, yes.  In the sense that "LDAP auth won't work at our site" is
> no interop problem while "it works when clients do it <this way>" is.

My original posting back then was triggered by Netscape Communicator 4.x 
sending the password as ISO-8859-1 (Latin 1) while using UTF-8 for 
everything else (even with LDAPv2). Well, that's a long time ago but I 
can imagine that there are LDAP clients out there which still do it like 
this and (almost correctly) claim to be LDAPv3 compliant.

Ciao, Michael.