LDAP Authentication |
Post Reply 
|
| Author | |
yapadu 
Senior Member 
Joined: 12 May 2005 Status: Offline Points: 297 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: LDAP AuthenticationPosted: 01 March 2009 at 10:07pm |
|
I am looking at using Open LDAP to support user authentication for SF. The instructions on setting it up are a bit thin.
I see the search mask, which will locate the user (by email address?) but how does the password validation work? How do we have to store the password in the LDAP server, what type of hash etc? |
|
 |
|
|
LogSat
Admin Group 
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 02 March 2009 at 10:54pm |
|
yapadu,
In LDAP, you can search objects using various attributes, for example by uid or cn. SpamFilter by default will lookup a "username" in the sAMAccountName, the uid, and the UserPrincipalName attributes. The "username" is whatever you decide to use as a key to identify users in your LDAP installation. If you wish to use a different attribute, such as "mail" for example, you can just add: (mail=%0:s) to the list of attributes being searched by SpamFilter when performing the LDAP query. Once SpamFilter locates the user (for which the credentials - username and password - are provided in the SMTP session) in LDAP, it will then try to authenticate such user with the above username/password on your LDAP server. If the authentication request is successful, the user is allowed to send mail. There are no requirements in how passwords are stored in LDAP. You can use clear text, crypt, MD5, etc. There is no need to use reversible encryption, as SpamFilter is simply using the username/password provided in the SMTP session to attempt an authentication request to LDAP. |
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.113 seconds.