It depends what this password really is on LDAP side. If it's a custom field that happen to contain a password then no XWiki does not provide any configuration to encode a passord on XWiki side before comparing it. But if we are talking about a real LDAP user then this is not the standard way to validate a user: by default XWiki is validating the user by doing a LDAP bind with whatever user/password you are giving it and the actual password encoding and comparison is then LDAP server responsibility. On Sun, Aug 17, 2014 at 2:22 AM, Bryn Jeffries <[email protected]> wrote:
I would like to have XWiki authenticate logins by accessing a local LDAP server and validate the password using SSHA (comparison of hashed login plus salt). Could anyone give me a definitive answer as to whether this can be done using existing extensions? I've gone round in circles reading old posts and JIRA issues, and I'm more lost than before.
If it isn't possible with current extensions, could anyone suggest a good approach to implementing support? I had thought to use the LDAP Administration module, so perhaps there's a way to add something small over the top?
Any useful responses would be much appreciated.
B _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
-- Thomas Mortagne