httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 50028] Would like LDAP authentication to encrypt password from browser to web server
Date Wed, 29 Sep 2010 21:29:01 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=50028

Stefan Fritsch <sf@sfritsch.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID

--- Comment #1 from Stefan Fritsch <sf@sfritsch.de> 2010-09-29 17:28:55 EDT ---
It simply can't work. Citing a comment from the URL you have given:

'It is impossible to use Digest and LDAP together. This is because the LDAP
server can only answer to a query like "is password Y correct for user X?", but
it will never give the password. Digest, then, does not send a password to the
server. This means Apache doesn't have a password Y to query the LDAP server.'


You will have to use https instead.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message