Hi,
The callback mechanism is implemented for users to specify their own
ways to manage passwords.
Samples in rampart callbacks are just to provide a guide for users to
write their own callback modules.
You may use a different validation before returning the password.
Something like validation before extracting the password from a
database. These are beyond the scope of rampart. But I'll try to figure
out a way to overcome your problem. May be to improve the callback
sample a bit :). And your comments on these are more than welcome
Cheers,
Kaushalye
Dave Meier wrote:
Hi,
With the callback module that returns the password, is there a good way
to configure
the apache server to lock this module down so nobody else can call it?
I'm concerned about it being a security hole.
Thanks,
-Dave.
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please contact the sender by
reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
