[jadmin] PAM authentication
Paul Curtis
pfc at terrapin.com
Wed Jun 28 09:48:50 CDT 2006
Dmitry S. Makovey wrote:
> Follow-up for those who are interested in topic (or for archival
> purposes): seems like Jabberd doesn't like our LDAP because our
> passwords are encrypted and Jabberd "wants" to see unencrypted
> passwords which is odd since in mysql database it encrypts passwords
> just fine... hmmm...
That is correct.
jabberd2 uses an LDAP bind to authenticate the user's credentials
against the LDAP server. Because of this, the password from the jabber
client must be in plaintext. Some LDAP servers provide the userPassword
attribute in clear text form, most, however, do not.
Try using plaintext auth in the jabber client, and enforce TLS or legacy
SSL to protect the clear text password as it passes from the client to
the server.
Paul
More information about the JAdmin
mailing list