[JDEV] Simple LDAP Authentication
mark at mjwilcox.com
mark at mjwilcox.com
Tue Apr 24 18:58:00 CDT 2001
I haven't seen the module in question so I can't specifically tell you
how to go about fixing it.
There isn't a technical reason why plaintext and LDAP
authentication can't work. We did it for xdb_ldap for Jabber 1.0.
The LDAP library simply must make an ldap_bind() call with the
user's DN and password.
However, that will only solve the authentication issue. I don't know
of an LDAP module that stores everything (ie filters, presence,
rosters) in LDAP. Until we get all of this information moved from 1
file per user into a database, the limitations will exist. The easiest
temporary hack to xdb_file would be to enable users to be stored in
directories according to username
ie:
a --> all usernames start with a
b --> .. with b
....
I know this is how the cyrus IMAP server gets around the 32K
directory limitation.
It does look like that some help may arrive with the xdb_java stuff.
Mark
On 24 Apr 01, at 18:58, Mark Cheverton wrote:
> mark at mjwilcox.com wrote:
> >
> > Sorry, I may have rushed to judgement, but I still think that
> > totally reinventing the wheel is always the wrong the thing to do. I
> > didn't mean to insinuate what you did was silly or stupid, but that
> > there is a right way and a wrong way to do LDAP authentication.
> >
> Can I just insert in here a question I didnt really get an answer to,
> using yet another ldap module in contrib:
>
> I've just been playing with the C&W ldap xdb module which
> works
> very
> well with 1.4. Unfortunatly my ldap DB has passwords stored as MD5
> hashes and so the digest or plaintext method will not work. Is there
> any plans to work with this kind of scheme (I dont really see a way
> roud it unless you want to abandon the concat with the session key or
> bind directly to the ldap server for auth which aint good) or should I
> just plan on storing a plain text password specifically for jabber?
>
> -Mark
> --
> Mark Cheverton aka [MORAT]Ennui http://morat.net/
> Morat Games ICQ: 42123856
>
> Free hosting for clans including discussion boards, email etc. If
> you need hosting for your clan with all the gaming extras see
> http://clans.morat.net/hosting.phtml
>
> --+++ Less Lag More Frag +++--
>
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
>
>
Mark Wilcox
mark at mjwilcox.com
Got LDAP?
More information about the JDev
mailing list