[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: pass-through authentication and base64

On 08/16/2012 11:33 AM, Emmanuel LÃcharny wrote:

You have asked that openLDAP not to encode the UserPassword value, when
OpenLDAP does *not* encode anything.

Sorry, I should write slapcat or ldapsearch in the original letter.

The value is *always* store in binary format. This is the LdapSearch
utility which encodes in base64 this attribute, which is supposed not
to be a String, but a byte array

So, userPassword described in system schema and it can't be changed. And
so ldapseach and slapcat print it in base-64 and it's also hardcoded.

Now, if you want to get the String value out of a base64 encoded
OctetString AttributeType, you have to write your own tooling...

Ask the question differently.

ldap needs some links for external auth. And as they are text string I'd
like to see them as text. Moreover I'd like to specify a template, for
example I want to authenticate all inetOrgPerson-s as uid@MYREALM.