On Tue, Apr 24, 2001 at 06:58:00PM -0500, [EMAIL PROTECTED] wrote:
> There isn't a technical reason why plaintext and LDAP
> authentication can't work. We did it for xdb_ldap for Jabber 1.0.
> The LDAP library simply must make an ldap_bind() call with the
> user's DN and password.
Actually the Problem is not Plaintext but Challenge/Response Passwords. The
easisiest way would be to pass the challenge and the response to the LDAP
server in a SASL bind and let the server do challenge/response. Of course
this requires a modified LDAP Server, but in that case you dont need to
retrieve Plain Passwords for doing challenge/response authentication. I
think even thinking about Plain text authentication as long as SSL is not
default in jabber is plain wrong in most cases.
Greetings
Bernd
--
(OO) -- [EMAIL PROTECTED] --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
_______________________________________________
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev
