[Date Prev][Date Next]
Re: Valid characters in username and password?
That helps. I'm also interested in how this relates to looking up
usernames with a filter. Let's say I want to look up "bob", so I
search for "(|(cn=bob))". And I get a hit. Well, what if I want to
lookup something bogus like "tr)@*(((D=+-JK34" Those parentheses,
stars, and equal signs will mess up my ldap filter if I plug them
Valid search filter
Invalid search filter
Is there anyway to know which characters to filter, or anyway to
escape them (like with a backslash in C?)
On 8/11/05, Kurt D. Zeilenga <Kurt@openldap.org> wrote:
> At 06:42 AM 8/11/2005, Jeremiah Martell wrote:
> >What characters are valid in a LDAP username or password?
> OpenLDAP Software generally uses userPassword for passwords,
> its an octetString compared octetwise per RFC 2256. Client
> software is responsible for ensuring any character data in
> passwords is presented in a common way on the wire.
> Usernames in LDAP are generally DNs. OpenLDAP Software does
> not place significant restrictions on the kinds of values one
> can use in naming.
> (OpenLDAP supports SASL, usernames and passwords (where used)
> depend on the mechanism involved.)