geronimo-user mailing list archives

From Phani Madgula <phanibalaji.madg...@gmail.com>
Subject Re: How to connect to LDAP server on Geronimo from an LDAP client?
Date Fri, 20 Jan 2006 13:28:28 GMT
Hi,

Thanks for the help. I am currently porting an application on Geronimo using
the Apache Directory Server service.

I am facing a problem with passwords.

I have an application that uses LDAP authentication. I have a user in the LDAP
server, let's say, "user3" with password "pass123".

We can store the passwords in the LDAP server either in BASE64 encoding or in
MD5 digest or in SHA.

If I store the password in BASE64 encoding, the application is authenticating
successfully when I give the correct userid/password as "user3"/"pass123".

When I store the password in MD5, the authentication is failing with
user3/pass123 as userid/password, even though they are correct as said above.

When I tried to investigate the problem, I found the following.
LDAP server is storing the password as
BASE64Encoding("{md5}"+BASE64Encoding(MD5("pass123"))). Here "pass123" is
the password.
MD5("pass123") is MD5 on "pass123".

So, when I send the password as "pass123", the LDAP server is not performing
a similar operation on it, as above, and comparing it for
authentication. I guess the responsibility does not lie with the programmer to
perform a similar operation and send it for authentication.

Is it a problem with LDAP server?
Any comments on this?

 Thanks

phani
On 1/20/06, Cristian Roldan <roldancer@yahoo.com.ar> wrote:
>
> Hi,
>    I have used IBM's LDAP client, but you could use any LDAP client.
>
> ldapsearch -h localhost -p 1389 -D "uid=admin,ou=system" -w secret -b
> "ou=system" "objectClass=*"
>
> If everything works OK, this should be the output:
>
> ou=system
> ou=system
> objectClass=organizationalUnit
> objectClass=top
> ou=system
> ou=system
> objectClass=organizationalUnit
> objectClass=top
> ou=configuration,ou=system
> objectClass=organizationalUnit
> objectClass=top
> ou=configuration
> ou=interceptors,ou=configuration,ou=system
> objectClass=organizationalUnit
> objectClass=top
> ou=interceptors
> ou=partitions,ou=configuration,ou=system
> objectClass=organizationalUnit
> objectClass=top
> ou=partitions
> ou=services,ou=configuration,ou=system
> objectClass=organizationalUnit
> objectClass=top
> ou=services
> ou=groups,ou=system
> objectClass=organizationalUnit
> objectClass=top
> ou=groups
> ou=users,ou=system
> objectClass=organizationalUnit
> objectClass=top
> ou=users
> prefNodeName=sysPrefRoot,ou=system
> objectClass=extensibleObject
> prefNodeName=sysPrefRoot
> uid=admin,ou=system
> sn=administrator
> objectClass=inetOrgPerson
> objectClass=organizationalPerson
> objectClass=person
> objectClass=top
> cn=system administrator
> uid=admin
> userPassword=secret
> displayName=Directory Superuser
>
> Bye.
>
>
> *Phani Madgula <phanibalaji.madgula@gmail.com>* wrote:
>
> Hi
>
> I am facing a problem while connecting to LDAP server from an LDAP client.
> I have installed Softerra LDAP browser and tried to connect to LDAP server
> running on Geronimo.
>
> I always get "Can not connect to the LDAP server : ERROR 91".
>
> Any solution?
>
> thanks
> phani
>
>
>
>
>
>
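
The stored format described in the message above, as an added example that is not part of the original thread and is not Apache Directory Server code: the outer LDIF base64 layer is decoded, then the presented cleartext is hashed with the scheme named in the "{md5}" prefix and compared. The function names and the sample entries are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac

# Hash constructors keyed by the scheme label that prefixes the stored value.
SCHEMES = {"MD5": hashlib.md5, "SHA": hashlib.sha1}


def make_user_password(password: str, scheme: str) -> bytes:
    """Build b"{scheme}" + base64(digest(password)), the inner stored value."""
    digest = SCHEMES[scheme.upper()](password.encode("utf-8")).digest()
    return b"{" + scheme.lower().encode("ascii") + b"}" + base64.b64encode(digest)


def ldif_line(value: bytes) -> str:
    """Outer layer: LDIF base64-encodes the whole attribute value after '::'."""
    return "userPassword:: " + base64.b64encode(value).decode("ascii")


def ldif_value(line: str) -> bytes:
    """Undo the outer LDIF layer ('attr:: b64') or return 'attr: text' as bytes."""
    _, _, rest = line.partition(":")
    if rest.startswith(":"):
        return base64.b64decode(rest[1:].strip())
    return rest.strip().encode("utf-8")


def naive_verify(presented: str, stored: bytes) -> bool:
    """Byte comparison that ignores the scheme prefix (reproduces the symptom)."""
    return hmac.compare_digest(presented.encode("utf-8"), stored)


def verify(presented: str, stored: bytes) -> bool:
    """Hash the presented cleartext with the stored scheme, then compare."""
    if not (stored.startswith(b"{") and b"}" in stored):
        return naive_verify(presented, stored)  # no prefix: cleartext value
    label, _, encoded = stored[1:].partition(b"}")
    factory = SCHEMES.get(label.decode("ascii", "replace").upper())
    if factory is None:
        return False  # unknown scheme: refuse instead of guessing
    try:
        expected = base64.b64decode(encoded, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return hmac.compare_digest(factory(presented.encode("utf-8")).digest(), expected)


# Constructed sample entries for "user3" / "pass123" from the message above.
PLAIN_LINE = "userPassword:: cGFzczEyMw=="  # base64("pass123")
MD5_LINE = ldif_line(make_user_password("pass123", "md5"))
```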
