Menu
▾
▴
Re: [VuFind-Tech] Password Retention on LDAP Authentication
|
From: Bob W. <bwi...@pl...> - 2008-04-28 14:51:00
|
I'm not using LDAP but I adapted the same code to work with SIP. It doesn't look like the password is being intentionally stored but the user->password variable is being set. If the user somehow initiated a second logon and this value is still set it could be inserted into the database. I'd have to do some testing but it might happen after a users session times out and they logon again. Bob ----- Original Message ----- From: "Joel Timothy Norman" <joe...@wm...> To: vuf...@li... Sent: Friday, April 25, 2008 2:27:30 PM (GMT-0500) America/New_York Subject: [VuFind-Tech] Password Retention on LDAP Authentication Hi, I am running LDAP Authentication. I have noticed that random user passwords are saved into the mysql database. I would rather not retain this information since the ldap password is subject to change. I would rather not be responsible for such items. Is this a fluke or a feature? Has anyone else experienced this? Joel Norman ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Vufind-tech mailing list Vuf...@li... https://lists.sourceforge.net/lists/listinfo/vufind-tech |