Stephanie Zohner said: > Hi, > > I make use of the LDAP transformer for authentification in my web > application. > > When I understood the documentation right then Authentification requires > 2 steps: > > 1. get all necessary user data (username & password) from all users in > LDAP 2. Compare the username/password provided with the login with all > data sets retrieved from LDAP, if there is a match, the authenfification > was successful. > > Is that right? > > Here's my problem then. > > I can retrieve both, username and password, but how can I compare the > passwords. The password retrieved from LDAP is encrypted. So in order to > compare > them, I need to encrypt the password on Cocoon side with the same > algoithm, right. > Where do I get the encryption algorithm from?
Hi Stephanie, I'm afraid you have some reading to do. This is a very big issue that can't really be handled by e-mail. You do not have to encrypt the password on the Cocoon side, in fact you shouldn't. What you should do instead is let the LDAP server authenticate your user based on the information you pass. You'll need an API to do this. At the moment the best choice is the JLDAP api available from Novell. http://developer.novell.com/ndk/ldap-index.htm. There are code examples as well, so you can see how things are done, but I suggest reading the documentation quite carefully. Rod. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
