On Sun, Feb 7, 2010 at 1:21 AM, Brian Candler <b.cand...@pobox.com> wrote:
> On Sat, Feb 06, 2010 at 05:31:29PM -0800, Chris Anderson wrote:
>> I'd love to hear people's ideas about what schema to store the passwords in:
>>
>> maybe something like this in the _user doc:
>>
>> {
>> credentials : {
>> type : "bcrypt",
>> whatever else
>> }
>> }
>
> Don't reinvent the wheel; do exactly what OpenLDAP does with userPassword.
>
> password: "plain"
> password: "{CRYPT}$1$foo$bar"
> password: "{SHA1}..."
> password: "{SSHA1}...with salt..."
> ... etc
>
That doesn't sound bad at all.
Scouting for implementations I found this Erlang LDAP project, but
there's got to be more out there:
http://code.google.com/p/erldir/
Is there a world-class LDAP server written in Erlang yet? Maybe just
not open source?
If we can't find an Erlang library, is there a spec we should look at
while implementing?
Chris
--
Chris Anderson
http://jchrisa.net
http://couch.io
