Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.java.programmer > #15101 > unrolled thread
| Started by | Kevin McMurtrie <mcmurtrie@pixelmemory.us> |
|---|---|
| First post | 2012-06-07 23:11 -0700 |
| Last post | 2012-06-07 23:11 -0700 |
| Articles | 1 — 1 participant |
Back to article view | Back to comp.lang.java.programmer
Digest auth from HTTP to LDAP Kevin McMurtrie <mcmurtrie@pixelmemory.us> - 2012-06-07 23:11 -0700
| From | Kevin McMurtrie <mcmurtrie@pixelmemory.us> |
|---|---|
| Date | 2012-06-07 23:11 -0700 |
| Subject | Digest auth from HTTP to LDAP |
| Message-ID | <4fd197a7$0$36852$742ec2ed@news.sonic.net> |
I have a situation where I need to authenticate an HTTP client with low latency on a LAN. It doesn't matter if the connection is watched, I only need to verify who is publishing data. Right now I'm using a Servlet filter that implements rfc2069 (Digest Access Authentication) to protect certain HTTP resources. It's getting pre-hashed passwords from a config file so there is no plaintext anywhere in the pipeline. I'd like for LDAP authentication to also be an option. LDAPv3 implements the same authentication scheme via SASL so this should be easy to pass through, right? The only LDAPv3 clients that I can find take a plaintext password and negotiate the digest themselves. Is there an LDAP client that will allow the caller to participate in the authentication? I know there are other solutions but they're not as elegant or easy to integrate into an existing LDAP database. -- I will not see posts from Google because I must filter them as spam
Back to top | Article view | comp.lang.java.programmer
csiph-web