Thanks, we appreciate that! Jani
2008/9/26 Peter_Quirk <[EMAIL PROTECTED]> > > jani, > > I'm asking some of the Microsoft people interested in OpenSim to have > a look at this. A known insecure solution will not be acceptable in my > enterprise. > > -- Peter > > On Sep 25, 2:26 pm, "Jani Pirkola" <[EMAIL PROTECTED]> wrote: > > John, > > > > how long you can wait for us to figure out how/what to do? > > Even if using SSL and plaintext password on top of that isn't the best > > solution, it is a good option, right? How much work that would cause on > our > > end? I really would love to see the AD/AM implemented and if John is > doing > > it ... we should give support. > > If we go that way now, can we change it later to be smarter? > > > > Best, > > Jani > > > > 2008/9/25 Matti Kuonanoja <[EMAIL PROTECTED]> > > > > > > > > > > > > > Sending password as plain text might be possible if the connection is > > > encrypted exp. with SSL. But as Mikko said it isn't best practice. > > > > > I don't have a solution to this right now. We must research this > > > matter more to get authentication scheme where we support existing > > > methods like openID, AD etc. > > > > > On 25 syys, 00:14, "Jani Pirkola" <[EMAIL PROTECTED]> wrote: > > > > MattiK, > > > > > > can you figure out how to solve this one? We need to do it anyway so > why > > > not > > > > do it as soon as possible to help John to help us. > > > > > > Best regards, > > > > Jani > > > > > > 2008/9/25 Hurliman, John <[EMAIL PROTECTED]> > > > > > > > I started work on a simulator LDAP authentication module (it is > > > > > surprisingly simple using the .NET/Mono libraries), but ran into an > > > issue. > > > > > The client currently sends MD5 hashes of passwords instead of the > > > plaintext > > > > > password, and you must feed the plaintext password to the .NET > library > > > to do > > > > > a proper bind. Even if a different LDAP library was used (or a new > one > > > > > written) it would still require a client modification to get the > > > passwords > > > > > in a different format. Worse still, there are several different > > > > > authentication mechanisms depending on how your AD/OpenLDAP/etc > admin > > > has > > > > > configured the service. The client would need to do an exchange > with > > > the > > > > > login server to agree on a supported hashing format, or send the > > > password in > > > > > plaintext. I'm not in any position to do client modifications so I > put > > > this > > > > > project on hold. If I'm missing something obvious or you discover a > > > > > workaround please let me know and I can resume working on this. > > > > > > > John > > > > > > > *From:* [email protected] [mailto: > [EMAIL PROTECTED] > > > *On > > > > > Behalf Of *Jani Pirkola > > > > > *Sent:* Thursday, September 18, 2008 3:22 AM > > > > > *To:* [email protected] > > > > > *Subject:* Re: AD/AM for enterprise authentication? > > > > > > > Peter, > > > > > > > thanks for bringing this up, it helps us to prioritize tasks when > we > > > know > > > > > which ones are actually wanted. We already had this on our list so > that > > > we > > > > > will hopefully enable AD for realXtend during this year. > > > > > G2 Proto, do you think you and your group could contribute some > help to > > > > > this task? > > > > > > > Best regards, > > > > > Jani > > > > > > > 2008/9/18 Peter_Quirk <[EMAIL PROTECTED]> > > > > > > > Active Directory / Application Mode looks very appropriate for > > > > > leveraging enterprise SSO services from Active Directory while > > > > > maintaining the application-specific information about a user's > avatar > > > > > identity. Pluggable authentication systems like this will greatly > > > > > simplify realXtend's adoption for enterprise use. Information on > AD/AM > > > > > is available at > > > > > > http://www.microsoft.com/windowsserver2003/techinfo/overview/adam.msp...siteerattuteksti > - > > > > > > - Näytä siteerattu teksti -- Hide quoted text - > > > > - Show quoted text - > > > --~--~---------~--~----~------------~-------~--~----~ http://groups.google.com/group/realxtend -~----------~----~----~----~------~----~------~--~---
