-
Bug
-
Resolution: Fixed
-
P3
-
1.4.0
-
None
-
beta
-
sparc
-
solaris_8
- Support additional hashing schemes (not just "crypt"), plaintext
- Support "bind" option that allows authentication to the directory
as a means of verifying credentials; this would allow use of directories
that do not support RFC 2307 to be used as the authentication database
(such as Active Directory). The bind option can specify the authentication
type to use (simple, DIGEST-MD5, ...); this option would only make sense
for LDAP-based systems or directories that support authentication; it doesn't
make sense for NIS. If the bind is successful, only the UnixPrincipal will
be set. I guess there can be an attempt to get other attributes.
- Support additional config parameters to make module more flexible
in non-RFC 2307 environments, such as the ability to specify the attribute
that contains the encrypted/clear password, uid information, group information.
See the TomCat JNDI Realm configuration for ideas.
- Support "bind" option that allows authentication to the directory
as a means of verifying credentials; this would allow use of directories
that do not support RFC 2307 to be used as the authentication database
(such as Active Directory). The bind option can specify the authentication
type to use (simple, DIGEST-MD5, ...); this option would only make sense
for LDAP-based systems or directories that support authentication; it doesn't
make sense for NIS. If the bind is successful, only the UnixPrincipal will
be set. I guess there can be an attempt to get other attributes.
- Support additional config parameters to make module more flexible
in non-RFC 2307 environments, such as the ability to specify the attribute
that contains the encrypted/clear password, uid information, group information.
See the TomCat JNDI Realm configuration for ideas.