[Date Prev][Date Next]
Re: LDAP Authentication
To send a blank password is the same as doing an anonymous bind.
It exists a patch for this, alternativ you do
I once used the patch, but did not like the solution, considering hat I have to
apply the patch for every new release, so now I make sure that defaultaccess is
Citerat från Cthulhu <email@example.com>:
> I have a strange behavoiur in both OpenLDAP 1.2.11 and 2.0.6: when I
> try to authenticate a user with "ldapadd" or trought a PHP / JSP page,
> the user is authenticated even if it leave a blank password.
> It seems to be an half working auth, since the user achieve only READ
> permission, but of course this is not a wanted feature.
> Some one is suggesting that this can be a compilation problem, I'm
> worried that there is also something I don't know about LDAP.
> Can some point me in the right direction?
> Ph'nglui mglw'nafh Cthulhu http://www.rlyeh.it/ wgah'nagl fhtgan!
Systech Consulting AB
Tel: +46 60 64 11 00
Cellular: +46 70 312 91 97
Go to http://roam.systech.se