27 Sep
2011
27 Sep
'11
9:59 a.m.
HI!
We have {SSHA}-hashed passwords in attribute userPassword.
One application sends CompareRequests with the clear-text password instead of a BindRequest to validate the password which obviously fails. The application vendor claims it is too much effort to change that behaviour in the application. I guess this can only be solved in slapd by a custom overlay intercepting the CompareRequest (which is effort too).
Or is there any other solution I don't know of?
Ciao, Michael.