The LDAP AuthenticationHandler does a bind using the provided credentials (username and password). It doesn't do anything special with the password. I've tried it with our configuration and it seems fine. Are there any settings on your LDAP server that could be allowing this to happen?
-Scott On 5/6/07, Jack HC LEE <[EMAIL PROTECTED]> wrote:
Dear All, I am using CAS Server 3.0.7 and Yale Client 2.1.1. I have serious problem when I authenticate against LDAP server using the bundled LDAP authentication handler. The password provided does not need to be completely matched with the one stored in LDAP. for example, correct password : apple you could get authenticated by providing "applea" "applejdhfkjadf" provided that the password is matched in the beginning part. any pointers will be appreciated. regards, Jack _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
