[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Newbie question: setting userPassword field

At 01:26 PM 2/8/00 +1030, Dan wrote:
>Slowly becoming clearer.  So then there would be LDAP clients that would
>authenticate a user's login and password by attempting to bind?

Yes.  The bind operation is the only mechanism to authenticate
to the LDAP directory.

>For example, I hook up an LDAP module to Apache.  It asks me for a username
>and password.  I type in "dan", and "mypassword".  Depending on the module,
>it may then attempt to bind as "dn=dan, o=fatcanary" using the password
>"mypassword".  The OpenLDAP then hashes "mypassword" and compares it with
>the userPassword field.  If the hash matches, I'm authenticated; if not, I'm
>denied access.  Am I getting warmer here?