[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentification precisions

To: "Jean-Christian Hassler" <jchassler@hexaflux.com>
Subject: Re: Authentification precisions
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Fri, 15 Jun 2001 19:06:07 -0700
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <005501c0f4e4$26306300$5901a8c0@serd.lyon.hexaflux.loc>

At 08:10 AM 6/14/2001, Jean-Christian Hassler wrote:
>Hello,
> 
>I managed to configure a LDAP server with SASL/CRAM-MD5, the users and their passwords are in the sasldb.
>I'd like to know if there is a way to use the usernames and passwords  which are in the LDAP base with SASL 

Currently not.

>or should I use simple bind (but in this case we don't use SASL and the LDAP server won't be LDAPv3 compliant)?

While DIGEST-MD5 is LDAPv3's mandatory-to-implement secure authentication
mechanism, it's not mandatory-to-use.

See RFC 2829 for LDAP authentication security considerations.

References:
- Authentification precisions
  - From: "Jean-Christian Hassler" <jchassler@hexaflux.com>

Prev by Date: Re: openldap like proxy ldap
Next by Date: Regarding slurpd
Index(es):
- Chronological
- Thread