[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: possible to use webPassword or mailPassword for auth ?

To: Michael Ströder <michael@stroeder.com>
Subject: Re: possible to use webPassword or mailPassword for auth ?
From: Andreas Stollar <andreas@speakeasy.net>
Date: Fri, 10 Aug 2001 09:57:58 -0700 (PDT)
Cc: "'openldap-software@OpenLDAP.org'" <openldap-software@OpenLDAP.org>
In-reply-to: <3B73F86E.63698BB5@stroeder.com>

Right, that is sort of a given is it not? The pppPassword attribute
contains a crypted string like this:
pppPassword: {crypt}$1$EYKv9Bek$7L9MLtzy9f3G2.70GDUc1/

I set up Radiator radius to map the radius PasswordAttr to the ldap
pppPassword attribute instead on the ldap userPassword attribute. I have
tested the radius server extensively, it works very well, and is able to
use the pppPassword attribute for authentication. It definitely won't let
me dial in with an incorrect password, but the correct password works like
a charm.

Andreas

On Fri, 10 Aug 2001, Michael Ströder wrote:

> Date: Fri, 10 Aug 2001 17:06:22 +0200
> From: Michael Ströder <michael@stroeder.com>
> To: Andreas Stollar <andreas@speakeasy.net>
> Cc: "'openldap-software@OpenLDAP.org'" <openldap-software@OpenLDAP.org>
> Subject: Re: possible to use webPassword or mailPassword for auth ?
>
> Andreas Stollar wrote:
> >
> > We created a new attribute called pppPassword.
>
> Note that this way has some security implications. You have to at
> least allow the authentication process to compare the password.
>
> Ciao, Michael.
>

Follow-Ups:
- backend API document...
  - From: anish sheth <asheth@cisco.com>

References:
- Re: possible to use webPassword or mailPassword for auth ?
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: possible to use webPassword or mailPassword for auth ?
Next by Date: backend API document...
Index(es):
- Chronological
- Thread