[Date Prev][Date Next]
Re: Authenticating with blank passwords
Emmanuel Dreyfus wrote:
Max Williams <email@example.com> wrote:
Does anyone know a work around or some way of allowing clients to authenticate
with blank passwords?
Write a shell backend that only do the authentication?
That won't work; Binds with empty password are processed by the frontend.
You'll just have to hack the existing code in bind.c to allow what you
want. From a security perspective, what you want is an extremely bad
idea. I don't think you'll convince anybody to make it a standard feature.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/