ldapdb and crypt Userpassword

Igor Brezac igor at ipass.net
Tue May 9 12:43:46 EDT 2006


On Tue, 9 May 2006, Tuan Van wrote:

> Tuan Van wrote:
>> Hi list,
>> has anyone be able to get ldapdb to work with crypt Userpassword using
>> the patch mention in
>> http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=6183
>> ?
>>
>> TIA
>> Tuan
>>
> Thank you all for the replies. I am not here to advocate for crypt
> password in the back end. I am myself using auxprop with plaintext
> password stored in mysql. The reason I asked about the mention patch
> because I wonder if there is alternative to saslauthd (choice is good,
> right?)

The patch more than likely does not work because it does not account for 
the hash identifier in userPassword ({crypt}).  This is trivial to fix.

> even though it is trival to set it up and the document is good
> too. I like auxprop because it simple. I don't need to run yet another
> daemon.

What is wrong with running another daemon?  saslauthd is very stable 
except for certain pam implementations.

> WRT security, if one use PLAINTEXT mech  with TLS, wouldn't it
> be secured enough?

This is for you to decide.

-- 
Igor


More information about the Cyrus-sasl mailing list