[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap auth from external application

To: openldap-technical@openldap.org
Subject: ldap auth from external application
From: Zdenek Styblik <stybla@turnovfree.net>
Date: Wed, 24 Jun 2009 19:59:07 +0200
Openpgp: url=http://stinkfoot.org:11371/pks/lookup?op=index&search=Styblik
Organization: OS TurnovFree.net
User-agent: Thunderbird 2.0.0.21 (X11/20090302)

Hi,

I'd like to ask why is auth from external applications like eg. ftp
server done via proxy user, and not straight with user provided credentials.
The only thing I came up with is that there is possible risk with
hi-jacking session due to flaw in application, still- I'm missing the
big picture here. Or return code 49 is not enough for failed auth?

Could somebody, please, clarify this for me? I'm sure there are really
good reasons no to so (straight auth), still I've "found" pros in not
having additional user which is capable to read others (even hashed)
passwords, and probably no need to be password hash dependent as whole
auth would be LDAPs domain.

Thanks,
Zdenek

-- 
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla@turnovfree.net
jabber: stybla@jabber.turnovfree.net

Follow-Ups:
- Re: ldap auth from external application
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

Prev by Date: Re: RHEL 5 rpms
Next by Date: Re: OpenLDAP Mirror Mode configuration
Index(es):
- Chronological
- Thread