I don't know much about LDAP, but... Is password hashing part of the
standard? Is there some way for our LDAP realm to figure out whether
the server expects a password in plain text or MD5 or SHA? I know we
can send the hashed password, it's just a question of figuring out
which password method the LDAP server is expecting. If nothing else,
we could add a configuration option for the password hashing
mechanism, but I would hope we could tell from the server's initial
challenge or something.
Thanks,
Aaron
On 1/25/06, Phani Madgula <[EMAIL PROTECTED]> wrote:
> Hi Hernan,
>
> I am using AG1.0. I tried with other LDAP clients.
> I observed that, some clients store passwords in SHA, by deafult.
> The authentication is failing in either case [MD5 or SHA]
>
> Thanks
> phani
>
>
>
> On 1/25/06, Hernan Cunico <[EMAIL PROTECTED]> wrote:
> > Hi Phani,
> > So far I am only getting this error while using Jxplorer. What other
> > client have you tried?
> >
> > Cheers!
> > Hernan
> >
> > Hernan Cunico wrote:
> > >
> > >> Hi Phani,
> > >> sorry for the delay in the reply. I am having some issues too while
> > >> validating the user.
> > >> Maybe you arlready replied this in a previous note but, what version
> > >> of Geronimo are you using?
> > >>
> > >> Cheers!
> > >> Hernan
> > >>
> > >> Phani Madgula wrote:
> > >>
> > >>> Hi Hernan,
> > >>>
> > >>> Thanks for the link. It is quite helpful & informative.
> > >>>
> > >>> I did similar operations, as specified in my previous mail, by
> > >>> deploying the sample application given in the article. I added a new
> > >>> user user3/pass123 in "ou=users, ou=system" in Directory server, and
> > >>> in geronimo-web.xml I added the user3 in role mappings
> > >>>
> > >>> <role-mappings>
> > >>> <role role-name="content-administrator">
> > >>> <realm realm-name="ldap-realm">
> > >>>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> > >>>
> > >>> name="admin" designated-run-as="true"/>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> > >>>
> > >>> name="system"/>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> > >>>
> > >>> name="user3"/>
> > >>> </realm>
> > >>> </role>
> > >>>
> > >>> <role role-name="guest">
> > >>> <realm realm-name="ldap-realm">
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal
> > >>> "
> > >>> name="guest" designated-run-as="true"/>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> > >>>
> > >>> name="user1"/>
> > >>> <principal
> > >>>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> > >>>
> > >>> name="user2"/>
> > >>> </realm>
> > >>> </role>
> > >>>
> > >>> </role-mappings>
> > >>>
> > >>> I used Jxplorer LDAP client to create the new user users3. When I
> > >>> provide password in PLAIN format which uses BASE64 encoding through
> > >>> LDAP client, the application is authenticating successfully. When I
> > >>> store it in MD5, the authentication is failing for user3.
> > >>>
> > >>> Any issue while using MD5 ?
> > >>>
> > >>> thanks
> > >>> phani
> > >>>
> > >>> On 1/21/06, *Hernan Cunico* <[EMAIL PROTECTED]
> > >>> <mailto: [EMAIL PROTECTED]> > wrote:
> > >>>
> > >>> Hi Phani,
> > >>> Here is an article that may help you configure LDAP
> > >>>
> > >>>
> > >>>
> http://opensource2.atlassian.com/confluence/oss/display/GERONIMO/Configuring+LDAP
> > >>>
> > >>>
> > >>> Cheers!
> > >>> Hernan
> > >>>
> > >>> Phani Madgula wrote:
> > >>> > Hi
> > >>> >
> > >>> > I am facing a problem while connecting to LDAP server from an
> > >>> LDAP client.
> > >>> > I have installed Softerra LDAP browser and tried to connect to
> > >>> LDAP
> > >>> > server running on Geronimo.
> > >>> >
> > >>> > I always get "Can not connect to the LDAP server : ERROR 91".
> > >>> >
> > >>> > Any solution?
> > >>> >
> > >>> > thanks
> > >>> > phani
> > >>>
> > >>>
> > >>
> > >
> >
>
>
