Nuxeo does not compare the passwords. It issues a bind LDAP request with the DN of the user to authenticate and the plain password from the login form. I am pretty sure it's up to the LDAP server implementation to decide wether it has to hash the password with a SHA1 and MD5 function before comparing to it's internal password attribute. Nuxeo never attempts to read the password field from the LDAP.
Which LDAP server are you using? Can you send us the LDIF export of a fake LDAP entry that can used to reproduce the issue? -- Posted by "ogrisel" at Nuxeo Discussions <http://nuxeo.org/discussions> View the complete thread: <http://www.nuxeo.org/discussions/thread.jspa?threadID=4011#12315> _______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
