[JDEV] Simple LDAP Authentication
Bernd Eckenfels
lists at lina.inka.de
Wed Apr 25 20:04:14 CDT 2001
On Tue, Apr 24, 2001 at 06:58:00PM -0500, mark at mjwilcox.com wrote:
> There isn't a technical reason why plaintext and LDAP
> authentication can't work. We did it for xdb_ldap for Jabber 1.0.
> The LDAP library simply must make an ldap_bind() call with the
> user's DN and password.
Actually the Problem is not Plaintext but Challenge/Response Passwords. The
easisiest way would be to pass the challenge and the response to the LDAP
server in a SASL bind and let the server do challenge/response. Of course
this requires a modified LDAP Server, but in that case you dont need to
retrieve Plain Passwords for doing challenge/response authentication. I
think even thinking about Plain text authentication as long as SSL is not
default in jabber is plain wrong in most cases.
Greetings
Bernd
--
(OO) -- Bernd_Eckenfels at Wendelinusstrasse39.76646Bruchsal.de --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes at irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
More information about the JDev
mailing list