[dev] Proposed patch for passwd nonanonymous ldap-search
Amith Varghese
amith at xalan.com
Fri Apr 9 09:27:41 PDT 2004
> why do all other passwd backends get their username/passwd from
> params, and just ldap needs that special "custom hook"?
>
> Timo
Please keep messages on the list:
LDAP uses a hook because it allows for greater flexibility than the
solution you
provided. For example, I disallow anonymous reads on my LDAP database, and in
addition I only allow users to change their own password. Based on your
solution, I have to limit who can bind to the LDAP server to 1 person (which
wouldn't work in my environment because users have to change their own
password). In theory I could hack the configuration file so that I could get
it to work in my environment, but everytime you went through the admin section
to change your configuration, the web GUI would blow away the custom
modifications. The hook is the preferred way to implement this type of
change.
Other backends don't require this because very few of them are setup
like LDAP
Amith
More information about the dev
mailing list