Menu
▾
▴
Re: userpassword
|
From: David B. <d.b...@ma...> - 2001-07-04 00:18:57
|
Of course, the easiest way to do a password compare without having to
worry about the encoding, or UTF, or any other directory specific stuff is
to try doing a bind as that user.
If you can bind, then the password was OK.
Isn't that easier than the other options given?
David.
"Odell, Chauncey (Dyncorp)" <COd...@DT...>
Sent by: per...@li...
07/04/01 05:24 AM
To: "'per...@li...'"
<per...@li...>
cc:
Subject: userpassword
I found in the archives from last August (with slight modification to
protect the fish)
================
to do a compare:
use Net::LDAP::Constant;
$mesg = $ldap->compare($dn,"userpassword",_properly_encoded_password);
if ($mesg->code() == LDAP_COMPARE_TRUE)
{
auth success
}
==================
I assume that '_properly_encoded_password' is the encripted password held
by
the directory server because
the plain text password does not provide LDAP_COMPARE_TRUE.
Is it possible to obtain username / password validation using perl-ldap if
I
have the plain text password.
I can use normal prompt for user / password for the CGI portion of my
program, but I also need to validate the user as part of a daemon request.
My security folks feel that passing the encripted password to the daemon
only proves that I was able to access the directory server and ask for the
encripted password.
Thanks,
chauncey
|
