RE: authentication

[David Marshall]

I use both.   Mod_SSL will encrypt the communications to/from the user at the browser   Mod_auth_ldap will encrypt the "authentication" communication between itself and the LDAP server.    David Marshakk -----Original Message----- From: Joe Pearson [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 14, 2002 4:09 AM To: [EMAIL PROTECTED] Subject: Re: authentication If you want to encrypt the login and password, you would use SSL.  I've never tried mod_auth_ldap, but I assume it would do nothing about encrypting the login and password between the browser and the server.   If mod_auth_ldap supports ssh, it is to encrypt the transmission between Apache and the ldap server.  You would only need mod_auth_ldap + SSH if the LDAP server was connected across an insecure link.   Joe Pearson   ----- Original Message ----- From: Lionel Gauliardon To: [EMAIL PROTECTED] Sent: Thursday, March 14, 2002 2:10 AM Subject: authentication Hello,   I currently work with apache 1.3.12, i want authenticate user (login/password) from server ldap, today (in my config) login and password are cleartext so i want to "crypt" there. Should I use mod_ssl to do this or mod_auth_ldap (which also support ssh) ?   Thanks for your advice.   Regards, Lionel.