OpenLDAP and SSHA

[spfma...@e.mail.fr]

Hi,

I am trying to setup CAS with an OpenLdap backend, and I wonder if it is possible to deal with SSHA encrypted passwords. I made some tests : it is working with SHA, not with SSHA.

Of course, the documentation is clearly mentioning SHA hash comparisons, but SSHA is a valid password scheme in the world of Java.

So maybe I missed something. If not, is support planed in the future ?

Regards

 

[spfma...@e.mail.fr]

I am answering to myself, maybe somebody will misread the doc the same way I did and loose some time : if no “principalAttributePassword” attribute is set (“cas.authn.ldap[0].principalAttributePassword=” in the cas.properties file), the authentication only relies on a successful LDAP bind.

No more password comparison at CAS level, it is on the LDAP side.

So this way, it is working (tested with AUTHENTICATED and ANONYMOUS modes) with SSHA passwords.

 

 

De : cas-...@apereo.org <cas-...@apereo.org> De la part de spfma...@e.mail.fr
Envoyé : vendredi 15 mai 2020 13:16
À : cas-...@apereo.org
Objet : [cas-user] OpenLDAP and SSHA

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/005c01d62aaa%2442281ba0%24c67852e0%24%40e.mail.fr.