[JDEV] Simple LDAP Authentication

Bernd Eckenfels lists at lina.inka.de
Wed Apr 25 20:04:14 CDT 2001

On Tue, Apr 24, 2001 at 06:58:00PM -0500, mark at mjwilcox.com wrote:
> There isn't a technical reason why plaintext and LDAP 
> authentication can't work. We did it for xdb_ldap for Jabber 1.0.
> The LDAP library simply must make an ldap_bind() call with the 
> user's DN and password. 

Actually the Problem is not Plaintext but Challenge/Response Passwords. The
easisiest way would be to pass the challenge and the response to the LDAP
server in a SASL bind and let the server do challenge/response. Of course
this requires a modified LDAP Server, but in that case you dont need to
retrieve Plain Passwords for doing challenge/response authentication. I
think even thinking about Plain text authentication as long as SSL is not
default in jabber is plain wrong in most cases.

  (OO)      -- Bernd_Eckenfels at Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes at irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

More information about the JDev mailing list