[Date Prev][Date Next]
Re: slap_sasl_checkpass - why?
>If you want to do a simple bind, why not just stick the actual password in
>your userPassword attribute in the first place?
I though the real idea was to support in-directory secret storage
for non-plain mechanisms. But IIRC most of those mechanisms actually
require access to the plaintext password to generate a hash, rather
than verifying the user-supplied credentials against the in-directory
passwords, which is what the checkpass API supports.
Luke Howard | lukehoward.com
PADL Software | www.padl.com