LDAP Password problem
Scott Battaglia
scott.battaglia at gmail.com
Mon May 7 00:19:15 EDT 2007
The LDAP AuthenticationHandler does a bind using the provided credentials
(username and password). It doesn't do anything special with the password.
I've tried it with our configuration and it seems fine. Are there any
settings on your LDAP server that could be allowing this to happen?
-Scott
On 5/6/07, Jack HC LEE <ctjack at ust.hk> wrote:
>
> Dear All,
>
> I am using CAS Server 3.0.7 and Yale Client 2.1.1.
>
> I have serious problem when I authenticate against LDAP server using the
> bundled LDAP authentication handler. The password provided does not need
> to be completely matched with the one stored in LDAP.
>
> for example,
>
> correct password : apple
> you could get authenticated by providing "applea" "applejdhfkjadf"
>
> provided that the password is matched in the beginning part.
>
> any pointers will be appreciated.
>
> regards,
>
> Jack
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070507/ee4fb935/attachment.html
More information about the cas
mailing list