On Mar 15, 1:30 am, Paul Dorman <paul.dor...@gmail.com> wrote: > Hi Saul, > > I would like to implement a LDAP authentication in Clojure, based > around clj-ldap. Do you think it is necessary for the bind-request > function to be private? In LDAP v3 bind requests can be sent at any > time during a connection, so I can run a small connection pool for > authentication without the overhead of creating a new connection every > time someone authenticates. My plan is to take the UID and password, > search the directory for the matching DN, and then bind with that DN > given the provided password. > changes
I had no idea you could do that - cool. One thought though is that it may be quicker simply do a lookup on the directory server, obtain the password and then do a compare. In OpenLDAP, posixUser uids are indexed by default. Java libraries are available for most password encryption algorithms. This is the approach I use - do you know of any problems with my method? > Any enormous flaws in this approach? More specifically, would you > consider a public bind-request function in an upcoming release? > I can see no flaws with your approach. I can do this on Friday if you don't mind waiting. Otherwise, if you want to make the changes yourself to the master branch, do a pull request and I'll gladly merge in the new functionality. Saul -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en
