Rolf Broehmer wrote: > > To check the user name and password entered on the client side against > the ldap server, I construct a searchControl, e.g. > (&(uid=Miller)(userPassword=Test)). The uid and userPassword are > transferred to the iPlanet ldap server as plain text.
Don't do this! Check the username and password with a BindRequest. Ciao, Michael.
