Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:
Hi Monks,
I'm working on a cgi script. Users must log in with a username and password, which my script sends to an LDAP server for authentication.
After the initial login, I want users to be able to go about using the script without having to log in again, e.g., I want to set a cookie. The cookie should contain the username and password of the user, and each time the script is called thereafter the cookie will be retrieved and checked against the LDAP server. But I don't want to set a cookie with the password in clear text, so I need to encrypt it somehow. I can't use a way-one encryption like an MD5 hash as I need to be able to decrypt the password to send to the LDAP server. Any suggestions on how to proceed? Specifically, encryption types and perl modules to use?
I'm working on a cgi script. Users must log in with a username and password, which my script sends to an LDAP server for authentication.
After the initial login, I want users to be able to go about using the script without having to log in again, e.g., I want to set a cookie. The cookie should contain the username and password of the user, and each time the script is called thereafter the cookie will be retrieved and checked against the LDAP server. But I don't want to set a cookie with the password in clear text, so I need to encrypt it somehow. I can't use a way-one encryption like an MD5 hash as I need to be able to decrypt the password to send to the LDAP server. Any suggestions on how to proceed? Specifically, encryption types and perl modules to use?
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Two-Way Password Encryption
by hardburn (Abbot) on May 07, 2003 at 14:19 UTC | |
by Joost (Canon) on May 07, 2003 at 14:54 UTC | |
Re: Two-Way Password Encryption
by Abigail-II (Bishop) on May 07, 2003 at 14:58 UTC | |
by petesmiley (Friar) on May 07, 2003 at 15:23 UTC | |
by fokat (Deacon) on May 07, 2003 at 17:46 UTC | |
by spartan (Pilgrim) on May 08, 2003 at 02:43 UTC | |
Re: Two-Way Password Encryption
by tjh (Curate) on May 07, 2003 at 14:44 UTC | |
Re: Two-Way Password Encryption
by Willard B. Trophy (Hermit) on May 07, 2003 at 15:00 UTC | |
Re: Two-Way Password Encryption
by sschneid (Deacon) on May 07, 2003 at 14:38 UTC | |
Re: Two-Way Password Encryption
by nite_man (Deacon) on May 07, 2003 at 14:55 UTC |
Back to
Seekers of Perl Wisdom