On 15 March 2011 08:46, Saul Hazledine <shaz...@gmail.com> wrote: > On Mar 15, 1:30 am, Paul Dorman <paul.dor...@gmail.com> wrote: > One thought though is that it may be quicker simply do a lookup on the > directory server, obtain the password and then do a compare. In > OpenLDAP, posixUser uids are indexed by default. Java libraries are > available for most password encryption algorithms. This is the > approach I use - do you know of any problems with my method?
Certainly when I was running LDAP servers we did not allow passwords to be retrieved from the server, as they are then susceptible to an offline dictionary attack. To authenticate users, you had to send a bind request to the server. Ray. -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en