[Date Prev][Date Next]
Double passwords in accounts
Based on the fact that the userPassword attribute is NOT single-valued
in the schema definition, I was wondering whether there are cases where
we could use a double-password approach or if doing that would just
cause a mess.
For example, could we store both a clear-text password (to be used e.g.
in DIGEST authentication) AND an encrypted (SSHA or MD5) one for
standard use? If that could work, (I assume that) openldap would know
which one to use based on the negotiation with the client application,
which would normally try different authentication methods in a
particular order. Openldap would then use the right password
automatically (ideally), depending on the authentication method used
Any info would be appreciated.