Net:Net:Net::LDAP::FAQ

------_=_NextPart_001_01C6429F.D89AA417
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hello,

Net::LDAP
Net::LDAPS

Is there a possible to LDAP bind with an encrypted (SHA, SSHA, CRYPT,
....) password? I don't like to write the secret password to the perl
file.


Best regards

Barbara Wilbert



------_=_NextPart_001_01C6429F.D89AA417--

Wilbert Barbara (CI/OSI) * wrote:
> Hello,
> 
> Net::LDAP
> Net::LDAPS
> 
> Is there a possible to LDAP bind with an encrypted (SHA, SSHA, CRYPT,
> ...) password? I don't like to write the secret password to the perl
> file.

If the script is interactive, then just ask the user for the password 
with Term::ReadKey.

If the script is non-interactive, then it probably shouldn't be binding 
with elevated priveleges.


BR,
Mike

-- 
http://www.netauth.com - LDAP Directory Consulting

On 8/3/06 11:02, Wilbert Barbara (CI/OSI) * <[email protected]>
wrote:

> Hello,
> 
> Net::LDAP
> Net::LDAPS
> 
> Is there a possible to LDAP bind with an encrypted (SHA, SSHA, CRYPT,
> ...) password? I don't like to write the secret password to the perl
> file.

If the server has the plain-text password in its databases, and the user
sends a {ssha} (etc) password in the bind, the server should be able to
compare them and authenticate the user.

If the server has the {ssha} (etc) password in its databases, and the user
sends a plain-text password in the bind, the server should be able to
compare them and authenticate the user.

If the server has the {ssha} (etc) password in its databases, and the user
sends a {ssha} (etc) password in the bind, the server should *not* be able
to compare them and thus *not* be able to authenticate the user.

But it does really depend on how your server is implemented.

Cheers,

Chris