Hi,

Thanks for the help. I am currently porting an application on Geronimo using the Apache Directory Server service.

I am facing a problem with passwords.

I have an application that uses LDAP authentication. I have a user in the LDAP server, let's say, "user3" with password "pass123".

We can store the passwords in LDAP server either in BASE64 encoding or in MD5 digest or in SHA.

If I store password in BASE64 encoding, the application is authenticating successfully when I give correct userid/password as "user3"/"pass123".

When I store the password in MD5, the authentication is failing with user3/pass123 as userid/password, even though they are correct as said above.

When I tried to investigate the problem, I found the following.
LDAP server is storing the password as BASE64Encoding("{md5}"+BASE64Encoding(MD5("pass123"))). Here "pass123" is the password.
MD5("pass123") is MD5 on "pass123".

So, when I send the password as "pass123", the LDAP server is not performing a similar operation on it, as above, and comparing it for authentication. I guess the responsibility does not lie with the programmer to perform a similar operation and send it for authentication.

Is it a problem with LDAP server?
Any comments on this?

 Thanks

phani
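
An added example, not part of the original message and not Apache Directory Server code: a sketch of the check a server has to make so that a cleartext bind password matches a stored value of the form "{md5}" + Base64(MD5(password)), for the MD5 and SHA schemes named above. The function names, the treatment of a value with no scheme prefix as cleartext, and the sample value are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

# Scheme prefix -> hash constructor, for the schemes named in the message.
SCHEMES = {"md5": hashlib.md5, "sha": hashlib.sha1}


def make_stored_value(scheme: str, password: str) -> bytes:
    """Build '{scheme}' + Base64(digest(password)), the inner stored form."""
    digest = SCHEMES[scheme](password.encode("utf-8")).digest()
    return b"{" + scheme.encode("ascii") + b"}" + base64.b64encode(digest)


def decode_ldif_value(ldif_b64: str) -> bytes:
    """Undo the outer Base64 layer that wraps the whole userPassword value."""
    return base64.b64decode(ldif_b64)


def verify(stored: bytes, candidate: str) -> bool:
    """Check a cleartext bind password against a stored userPassword value."""
    supplied = candidate.encode("utf-8")
    if stored.startswith(b"{") and b"}" in stored:
        scheme, _, encoded = stored[1:].partition(b"}")
        hash_fn = SCHEMES.get(scheme.decode("ascii", "replace").lower())
        if hash_fn is None:
            return False  # unknown scheme: refuse rather than compare as text
        try:
            expected = base64.b64decode(encoded, validate=True)
        except ValueError:
            return False  # digest part is not valid Base64
        # Hash the supplied password the same way, then compare digests.
        return hmac.compare_digest(expected, hash_fn(supplied).digest())
    # Assumption: no scheme prefix means the value is the cleartext password.
    return hmac.compare_digest(stored, supplied)


def naive_verify(stored: bytes, candidate: str) -> bool:
    """Byte-for-byte comparison with no hashing of the supplied password."""
    return stored == candidate.encode("utf-8")


# Constructed sample: the doubly encoded value described in the message.
LDIF_VALUE = base64.b64encode(make_stored_value("md5", "pass123")).decode()

if __name__ == "__main__":
    stored = decode_ldif_value(LDIF_VALUE)
    print(stored[:5], verify(stored, "pass123"), naive_verify(stored, "pass123"))
```
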

On 1/20/06, Cristian Roldan <[EMAIL PROTECTED]> wrote:
Hi,
   I have used IBM's LDAP client, but you could use any LDAP client.
 
ldapsearch -h localhost -p 1389 -D "uid=admin,ou=system" -w secret -b "ou=system" "objectClass=*"
 
If everything works OK, this should be the output:
 
ou=system
ou=system
objectClass=organizationalUnit
objectClass=top
ou=system
ou=system
objectClass=organizationalUnit
objectClass=top
ou=configuration,ou=system
objectClass=organizationalUnit
objectClass=top
ou=configuration
ou=interceptors,ou=configuration,ou=system
objectClass=organizationalUnit
objectClass=top
ou=interceptors
ou=partitions,ou=configuration,ou=system
objectClass=organizationalUnit
objectClass=top
ou=partitions
ou=services,ou=configuration,ou=system
objectClass=organizationalUnit
objectClass=top
ou=services
ou=groups,ou=system
objectClass=organizationalUnit
objectClass=top
ou=groups
ou=users,ou=system
objectClass=organizationalUnit
objectClass=top
ou=users
prefNodeName=sysPrefRoot,ou=system
objectClass=extensibleObject
prefNodeName=sysPrefRoot
uid=admin,ou=system
sn=administrator
objectClass=inetOrgPerson
objectClass=organizationalPerson
objectClass=person
objectClass=top
cn=system administrator
uid=admin
userPassword=secret
displayName=Directory Superuser
 
Bye.


Phani Madgula <[EMAIL PROTECTED]> wrote:
Hi
 
I am facing a problem while connecting to LDAP server from an LDAP client.
I have installed Softerra LDAP browser and tried to connect to LDAP server running on Geronimo.
 
I always get "Can not connect to the LDAP server : ERROR 91".
 
Any solution?
 
thanks
phani

 

