Jörn Nettingsmeier schrieb:
Jann Forrer wrote:
Jörn Nettingsmeier wrote:
hi!
here are some thoughts about a possible future authentication scheme:
* all passwords are stored as hashes only.
If you use LDAP, passwords are not stored in Lenya at all
(...)
which is what i'm ultimately aiming at: single sign-on via ldap with a
samba domain controller.
speaking of ldap: does anyone know how the current ldap implementation
works? jwkaltz?
Well I didn't write it originally, but we are using it (and I added some
stuff & docu). Lenya uses only standard Java code (JNDI) for LDAP
access. The Lenya-specific class "LDAPUser.java" exists mainly to use
the Java API in the right way, making it work for several backends
does it use an ldap auth mechanism, or is the password transferred from
the ldap server in plaintext and the lenya servlet does the authentication?
That depends on the auth scheme, which you specify in ldap.properties
HTH
--
Wolfgang
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
