JNDI, SHA and userPassword Searches
Hi, long time searcher, first time poster.
Quick Rundown:
RedHat 2.2.14
OpenLDAP 2.0.7
Java 1.3.0_02
Skill levels:
Java: good
OpenLDAP (or just LDAP): beginner
Ok, I am attempting to use OpenLDAP as the authentication
mechanism of our Intranet. I currently have a testuser
in my directory with known password stored with
userPassword: {SHA}BASE64String.
Currently, I can connect and search the directory with
no problems, until I try to use the userPassword attribute.
Simplified Process executed by a java program:
Step 1: Connect <ok>
Step 2: Search for username provided by user:
        ldapsearch "(uid=login)" <ok>
Step 3: Reject or accept, reject return <ok>
Step 4: Search for username and password provided by user:
        ldapsearch "(&(uid=login)(userPassword={SHA}BASE64Guess))" <failure>
The kick in the pants is that when I System.out the {SHA}BASE64Guess,
copy & paste it into a command line $ldapsearch I am given the proper
results.
Or could my problem be in my configuration file?
Is this correct? From my slapd.conf:
access to attr=userPassword
        by self write
        by anonymous auth
        by dn="cn=admin,o=sd2" write
        by * none
(When I set the security stuff in Java I use the admin dn)
Any ideas? Any insights? Both much appreciated, thank you,
todd
--
< t o d d . m a k i n s t e r @ s d 2 . c o m >
F : 3 1 2 . 6 6 4 . 6 6 8 0 : F
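
Added example, not part of the original post: the {SHA} value and the search filter from step 4 built in Java with the user-supplied values escaped per RFC 4515, next to a simple bind as the user's own DN, which is the operation the "by anonymous auth" line in the ACL above permits. The class and method names, the sample uid and password, and the use of Java 8's java.util.Base64 are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;

public class ShaFilterExample {                     // hypothetical class name
    // "{SHA}" + Base64(SHA-1(password)): the unsalted userPassword form from the post
    static String shaUserPassword(String password) throws Exception {
        byte[] d = MessageDigest.getInstance("SHA-1")
                .digest(password.getBytes(StandardCharsets.UTF_8));
        return "{SHA}" + Base64.getEncoder().encodeToString(d);
    }

    // Escape user input for an LDAP filter (RFC 4515) so "*" or ")" cannot alter it
    static String escapeFilter(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray())
            sb.append("\\*()\0".indexOf(c) >= 0 ? String.format("\\%02x", (int) c) : String.valueOf(c));
        return sb.toString();
    }

    // Alternative to step 4: simple bind as the user, so slapd checks the password
    static boolean bindAs(String url, String userDn, String password) throws NamingException {
        if (password.isEmpty()) return false;       // DN + empty password is an unauthenticated bind
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            new InitialDirContext(env).close();     // succeeds only if the bind is accepted
            return true;
        } catch (AuthenticationException e) {
            return false;                           // wrong DN or password
        }
    }

    public static void main(String[] args) throws Exception {
        String uid = "test*user", guess = "secret"; // constructed sample input
        System.out.println("(&(uid=" + escapeFilter(uid) + ")(userPassword="
                + escapeFilter(shaUserPassword(guess)) + "))");
    }
}
```

bindAs needs a reachable directory and is therefore not called from main; the filter path runs offline.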