|No such thing as a small change|
Advice for saving a plaintext password for LDAP re-binds using StartTLSby ghenry (Vicar)
|on Aug 15, 2013 at 20:22 UTC||Need Help??|
ghenry has asked for the
wisdom of the Perl Monks concerning the following question:
I'm developing a web gui with Dojo and Catalyst for contacts management. It's for the public directory servers that power the SureVoIP IM service and store your global and private contact list.
ldap.surevoip.co.uk is public now and I'm working on syncing in from LinkedIn, Google and Salesforce. You just point your phone, email etc. at the server and import/export vcards, or LDIF.
Anyway, problem is that on the initial login I do an LDAP bind over StartTLS for authenticating and then create the session. That's fine as the session ticks over until it expires. My problem scope is that any LDAP operations need a re-bind as the logged in user (the user DN is in the session, so that's OK), but I don't have the plaintext password to re-bind with. Should I save this? I can't save a hash as I need the plaintext one.
Walking the road to enlightenment... I found a penguin and a camel on the way.....
Fancy a email@example.com? Just ask!!!