[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Debugging a user authentication

Hallvard B Furuseth wrote:
Michael Ströder writes:
Hallvard B Furuseth wrote:
Howard Chu writes:
[Pulling last line up front]
userPassword is a string of *octets* not *characters*...
This is backwards.  That simply means anything can be stored there
- so password charset policy, if any, is up to whoever stores
userPassword values.
Yupp. And this lead to interop problems.

Well, yes. In the sense that "LDAP auth won't work at our site" is no interop problem while "it works when clients do it <this way>" is.

My original posting back then was triggered by Netscape Communicator 4.x sending the password as ISO-8859-1 (Latin 1) while using UTF-8 for everything else (even with LDAPv2). Well, that's a long time ago but I can imagine that there are LDAP clients out there which still do it like this and (almost correctly) claim to be LDAPv3 compliant.

Ciao, Michael.