[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: userPassword compare fix

At 03:36 PM 1/28/2006, Luke Howard wrote:

>>With this overlay a user can compare a cleartext value to an hashed
>>userPassword value but also can compare the hashed value to the
>>userPassword. (So he could check also if "{crypt}qWe2pXud183" is the
>>stored password)
>Might be nicer to handle the latter case using SLAP_CB_CONTINUE.

Both parts of the compare should be done in the same transaction
to preserve X.500/LDAP ACID properties.

-- Kurt