On 10-12-28 7:55 PM, Ludovic Marcotte wrote: [snip]
For 3 and 4, we could as you suggested store a SHA (or whatever) version of the cleartext password in memcached that we would have got during the very first call and then, upon subsequent calls, compute again the deduced value and compare those hashes instead of going to the LDAP server (or SQL server if using SQL-based authentication).
Done.
-- Ludovic Marcotte [email protected] :: +1.514.755.3630 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) -- [email protected] https://inverse.ca/sogo/lists
