Re: how can LDAP injection blocked?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

mete bilgin wrote:
> I'm developing a web-based ldap gui with python ( with python-ldap ).
> And i miss something about security. How can i blocked ldap injection?

Could you please elaborate on what you mean with "ldap injection"?

Most security issues with attacking the connection can be cured with
SSL/TLS. So your client should support LDAPS and StartTLS ext.op. and
defining the trusted root CA certs.

Ciao, Michael.