[
https://issues.apache.org/jira/browse/DIRSERVER-1573?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pierre-Arnaud Marcelot closed DIRSERVER-1573.
---------------------------------------------
Resolution: Invalid
Fix Version/s: (was: 2.0.0-RC1)
Assignee: Pierre-Arnaud Marcelot
As stated by Wikipedia:
Need to secure server: The server needs access to the users' plain text
passwords. Therefore it must take additional care to secure these passwords.
Typically by using reversable cryptography.
http://en.wikipedia.org/wiki/CRAM-MD5
Closing the jira as invalid.
> CRAM-MD5 Authentication does not work when password is stored in a crypted
> form
> -------------------------------------------------------------------------------
>
> Key: DIRSERVER-1573
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1573
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 2.0.0-RC1
> Reporter: Pierre-Arnaud Marcelot
> Assignee: Pierre-Arnaud Marcelot
> Priority: Critical
>
> CRAM-MD5 Authentication does not work when password is stored in a crypted
> form.
> When password is stored as plaintext, authentication succeeds.
> When password is stored encrypted, using {MD5} for example, then
> authentication fails with the following exception:
> "javax.security.sasl.SaslException: Invalid response".
> This exception is thrown in class BindHandler at line 297.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
