[Date Prev][Date Next]
Re: Encrypted Passwords
When you do basic authentication on a web server, the password arrives in the
CGI script encrypted. I was wondering if this encrypted password could be
passed to an LDAP server, and your response suggests it cannot (should not).
That's fine. We'll just write a quick login screen that gets both
username/password so we can have the password in cleartext on the server to
pass to LDAP. Since we're doing this over an https session they won't be
cleartext on the wire.