Menu
▾
▴
Re: [Fwd] Question on LDAP for passwords.
|
From: Chris R. <chr...@me...> - 2001-12-05 09:24:44
|
Graham Barr <gb...@po...> wrote: > ----- Forwarded message from Steven Lembark <sle...@kn...> > ----- > > Date: Sun, 02 Dec 2001 09:58:15 -0600 > To: gb...@po... > From: Steven Lembark <sle...@kn...> > Subject: Question on LDAP for passwords. > X-Mailer: Mulberry/2.1.1 (Linux/x86) > > > Aside from ssl/ssh, is there any cute trick built into > LDAP for checking passwords without sending them in the > clear? Playing with it, I seem to end up either sending > in the password with the user query or getting it back > as clear text in the LDAP reply. > > thanx. No, that is how LDAP simple authentication works. LDAP has other authentication mechanisms that can avoid this, namely SASL. Perl-ldap supports the CRAM-MD5 and EXTERNAL mechanisms. Cheers, Chris |
