Log in

No account? Create an account
April 25th, 2001 - LiveJournal Development — LiveJournal [entries|archive|friends|userinfo]
LiveJournal Development

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

April 25th, 2001

Secure login, LDAP authentication [Apr. 25th, 2001|02:45 am]
LiveJournal Development


It'd be convenient if I could authenticate my users against our LDAP server rather than make everyone remember Yet Another password. I suspect this would be a feature appreciated by many businesses considering LiveJournal for intranet use.

However, I don't actually have access to the user passwords, so I can't do the usual "compare hashed passwords" deal, and having the user send an unhashed password in the clear (so I can try binding to LDAP as them) is unacceptable.

This implies either
  1. SSL
  2. some other public-key encryption scheme
  3. some aspect of LDAP authentication I'm not familiar with
Barring (3), I suspect the easiest of these is SSL. The server side stuff is easy (with apache-ssl and Net::LDAP), and there are readily available libraries to do it on the client side.

I guess the real question is whether I can persuade Evan to add support for this :) It's okay if not every client in existence can connect to a secure-login-only LiveJournal server, we just need one good Win32 client and one good Unix client, and right now LoserJabber and Evan's upcoming Win32 client look like the most promising candidates.

I dunno. Any thoughts?
link9 comments|post comment

[ viewing | April 25th, 2001 ]
[ go | Previous Day|Next Day ]