Re: pass-through authentication and base64

[sergio <mailbox@sergio.spb.ru>]

On 08/16/2012 11:33 AM, Emmanuel LÃcharny wrote:

> You have asked that openLDAP not to encode the UserPassword value, when
> OpenLDAP does *not* encode anything.

Sorry, I should write slapcat or ldapsearch in the original letter.


> The value is *always* store in binary format. This is the LdapSearch
> utility which encodes in base64 this attribute, which is supposed not
> to be a String, but a byte array

So, userPassword described in system schema and it can't be changed. And
so ldapseach and slapcat print it in base-64 and it's also hardcoded.


> Now, if you want to get the String value out of a base64 encoded
> OctetString AttributeType, you have to write your own tooling...


Ask the question differently.

ldap needs some links for external auth. And as they are text string I'd
like to see them as text. Moreover I'd like to specify a template, for
example I want to authenticate all inetOrgPerson-s as uid@MYREALM.


--
sergio.