I started work on a simulator LDAP authentication module (it is surprisingly simple using the .NET/Mono libraries), but ran into an issue. The client currently sends MD5 hashes of passwords instead of the plaintext password, and you must feed the plaintext password to the .NET library to do a proper bind. Even if a different LDAP library was used (or a new one written) it would still require a client modification to get the passwords in a different format. Worse still, there are several different authentication mechanisms depending on how your AD/OpenLDAP/etc admin has configured the service. The client would need to do an exchange with the login server to agree on a supported hashing format, or send the password in plaintext. I'm not in any position to do client modifications so I put this project on hold. If I'm missing something obvious or you discover a workaround please let me know and I can resume working on this.
John From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Jani Pirkola Sent: Thursday, September 18, 2008 3:22 AM To: [email protected] Subject: Re: AD/AM for enterprise authentication? Peter, thanks for bringing this up, it helps us to prioritize tasks when we know which ones are actually wanted. We already had this on our list so that we will hopefully enable AD for realXtend during this year. G2 Proto, do you think you and your group could contribute some help to this task? Best regards, Jani 2008/9/18 Peter_Quirk <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>> Active Directory / Application Mode looks very appropriate for leveraging enterprise SSO services from Active Directory while maintaining the application-specific information about a user's avatar identity. Pluggable authentication systems like this will greatly simplify realXtend's adoption for enterprise use. Information on AD/AM is available at http://www.microsoft.com/windowsserver2003/techinfo/overview/adam.mspx. --~--~---------~--~----~------------~-------~--~----~ http://groups.google.com/group/realxtend -~----------~----~----~----~------~----~------~--~---
