I am trying to get my web application to interface with my LDAP Server for user authentication. I am pretty new to LDAP so if please any guidance on this is greatly appreciated. I have a few questions that I really need help, these are
1. I try to avoid to use clear text password for my rootpw defined in the slapd.conf file, I try to use ldappasswd to encrypt it but I have not luck, could someone provide me some examples on how to use this utility.
2. Since my main objective is to store the user information including user id and password for my web-based client authentication, I then create a simple LDAP directory which contain the following information. My question is that is it the right way to define my user authentication directory ??? Should I use the existing objectclass and the corresponding attributes such as userpassword or I should define my own objectclass and attributes???
After loading my example.ldif into LDAP database using ldapadd command, my clear-text password got encrypted (I am not which encryption). For instance, my uid=johns with userpassword=foo is encrypted into DKSJFL. In that case, how do I authenticate the user-entered password with the password store in the LDAP database. I am using Java JNDI to access to my LDAP Server right now. Should I use the SEARCH operation to fetch out my password and decrypt (????which decryption should I use) for a given user id and then compare the two strings....Is it the most optimal way to this ??????
Thanks in advance for all your help....
# Organization for NetZero Corporation
#dn: o=example, c=US
# Organizational Unit for NetZero Corporation
#dn: ou=People, o=example, c=US
# People in the Organization Unit
dn: uid=johns, ou=People, o=example, c=US