Kim Cary wrote: > If someone wanted to write and contribute an authentication handler > with this feature for some common backends, e.g. AD & OpenLDAP, that > would, I'm sure, be appreciated by a lot of people.
So let's just take a look at MS AD and OpenLDAP as example: 1. In AD (not ADAM) you have to set 'unicodePwd' with UTF-16-le encoding of the password enclosed in double quotes. 2. With OpenLDAP you have several methods: - Password modify extended operation (might be needed because of Samba/Kerberos password syncing or other security requirements) - Setting 'userPassword' directly either as clear-text or one of several salted hash schemes. > .. some configurations might still not be able to use it, though. That's very likely and therefore not worth the effort within CAS. Ciao, Michael. _______________________________________________ Yale CAS mailing list cas@tp.its.yale.edu http://tp.its.yale.edu/mailman/listinfo/cas
