[Date Prev][Date Next] [Chronological] [Thread] [Top]

Compare-Request on hashed userPassword

To: openldap-technical@openldap.org
Subject: Compare-Request on hashed userPassword
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 27 Sep 2011 18:59:52 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0.2) Gecko/20110902 Firefox/6.0.2 SeaMonkey/2.3.3

HI!

We have {SSHA}-hashed passwords in attribute userPassword.

One application sends CompareRequests with the clear-text password instead of
a BindRequest to validate the password which obviously fails. The application
vendor claims it is too much effort to change that behaviour in the
application. I guess this can only be solved in slapd by a custom overlay
intercepting the CompareRequest (which is effort too).

Or is there any other solution I don't know of?

Ciao, Michael.

Follow-Ups:
- Re: Compare-Request on hashed userPassword
  - From: Dan White <dwhite@olp.net>
- Re: Compare-Request on hashed userPassword
  - From: Pierangelo Masarati <masarati@aero.polimi.it>
- Re: Compare-Request on hashed userPassword
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

Prev by Date: Installing OpenLDAP OpenSSL not found
Next by Date: HP-UX, BDB cache size, db_private
Index(es):
- Chronological
- Thread