Menu
▾
▴
userpassword
|
From: Odell, C. (Dyncorp) <COd...@DT...> - 2001-07-03 19:24:20
|
I found in the archives from last August (with slight modification to
protect the fish)
================
to do a compare:
use Net::LDAP::Constant;
$mesg = $ldap->compare($dn,"userpassword",_properly_encoded_password);
if ($mesg->code() == LDAP_COMPARE_TRUE)
{
auth success
}
==================
I assume that '_properly_encoded_password' is the encripted password held by
the directory server because
the plain text password does not provide LDAP_COMPARE_TRUE.
Is it possible to obtain username / password validation using perl-ldap if I
have the plain text password.
I can use normal prompt for user / password for the CGI portion of my
program, but I also need to validate the user as part of a daemon request.
My security folks feel that passing the encripted password to the daemon
only proves that I was able to access the directory server and ask for the
encripted password.
Thanks,
chauncey
|
