I doubt it's possible with regular windows authentication either. Both kerberos and ntlm are challange-response based and require more interaction with the AD. IF not sending passwords is your primary concern, perhaps look into SPNEGO authentication?
Mvh, /Fredrik ----- Reply message ----- Från: "Marvin Addison" <[email protected]> Datum: lör, okt 1, 2011 23:34 Rubrik: [cas-dev] Encrypt password in client side Till: "[email protected]" <[email protected]> > I will implement a javascript function whose algorithm is same as the AD's > one to encrypt the password before submit login form. Then the > AuthenticationHanlder will check the received encrypted password match with > the hash password in ActiveDirectory. I'm not sure this architecture is > feasible. It's not possible with an LDAP authentication handler. Both simple bind and DIGEST-MD5 expect a plaintext password. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
