Re: (ITS#5207) Password checking: external program

Thursday, 1 November 2007

On Thursday 01 November 2007 12:15:28 Hadmut Danisch wrote:
...
 Buchan Milne wrote:
 > So wouldn't the existing {SASL} scheme for userPassword (which allows a
 > simple bind to be authenticated against a SASL identity) be sufficient?

 Not really, because SASL is not just a server plugin, it requires the
 client to have SASL (and the plugins) as well. Unfortunately, this is
 not the case in most scenarios. 
So you are unaware of the {SASL} scheme for userPassword, where slapd receives 
a simple bind, and tries to authenticate the user (as a SASL client) via the 
SASL mechanism with the identity following the scheme identifier in the 
userPassword attribute.

It is documented to some degree in the FAQ-o-matic.

Regards,
Buchan

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006