You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Dominique Cimafranca <do...@yahoo.com> on 2003/05/17 01:29:14 UTC
LDAP user passwords: cleartext or crypt
Hi, all,
I'm working with Jetspeed 1.4-b4. The LDAP authentication piece is
working okay. Jetspeed talks to the LDAP server. However, something
confuses me:
I created a user account, and when I checked on the LDAP directory using
gq, the password was shown in cleartext, not crypt.
Is this the expected behavior? I'm confused because the LDAP notes states
that Unix crypt is the only supported encrypting method.
Is there a flag in the JetspeedSecurity.properties that I missed out on?
I'm using the unmodified JetspeedSecurity.properties file that comes with
the Jetspeed source.
Thanks in advance.
=====
---------------------------------------------------------------------
Dominique Gerald M. Cimafranca | E-mail: dominique_cimafranca@yahoo.com
Village Idiot Savant | Web site: http://www.sketches.kom.ph
Dumaguete City, Philippines | Fortuna favet fatuis.
---------------------------------------------------------------------
__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
Re: LDAP user passwords: cleartext or crypt
Posted by Florian Brunswicker <fl...@nefkom.net>.
Hi Dominique,
i was not able to set up ldap on my windows system up to now, but it looks
like this can be configured in JetspeedSecurity.properties.
The Security Service can be configured to make the password checking secure.
See services.JetspeedSecurity.secure.passwords.
Hope this helps,
Florian Brunswicker
----- Original Message -----
From: "Dominique Cimafranca" <do...@yahoo.com>
To: <je...@jakarta.apache.org>
Sent: Saturday, May 17, 2003 1:29 AM
Subject: LDAP user passwords: cleartext or crypt
> Hi, all,
>
> I'm working with Jetspeed 1.4-b4. The LDAP authentication piece is
> working okay. Jetspeed talks to the LDAP server. However, something
> confuses me:
>
> I created a user account, and when I checked on the LDAP directory using
> gq, the password was shown in cleartext, not crypt.
>
> Is this the expected behavior? I'm confused because the LDAP notes states
> that Unix crypt is the only supported encrypting method.
>
> Is there a flag in the JetspeedSecurity.properties that I missed out on?
> I'm using the unmodified JetspeedSecurity.properties file that comes with
> the Jetspeed source.
>
> Thanks in advance.
>
> =====
> ---------------------------------------------------------------------
> Dominique Gerald M. Cimafranca | E-mail: dominique_cimafranca@yahoo.com
> Village Idiot Savant | Web site: http://www.sketches.kom.ph
> Dumaguete City, Philippines | Fortuna favet fatuis.
> ---------------------------------------------------------------------
>
> __________________________________
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo.
> http://search.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org