[Date Prev][Date Next] [Chronological] [Thread] [Top]

Correct way to verify inetOrgPerson userPassword?

We have lots of users, each with a cn, and a
inetOrgPerson userPassword attribute for every cn. We
currently do not bind with this password. 

Currently I recieve a user-typed password, search ldap
for the user-typed cn, download the userPassword from
ldap via a cn search, and finally match the user
entered password with what I recieved from ldap. I am
doing the match programmatically. 

Yet, it seems like a security flaw to download the
password. Can openldap do the match itself somehow? Is
there a better way to do our program's access


Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.