Jul 15th, 2011, 07:15 AM
ApacheDS Authentication LDAP Question
I am in the midst of setting up an LDAP prototype using ApacheDS. I do not, however, want to use the encryption algorithms that are provided with something like Apache Directory Studio.
I implemented an interceptor that is called whenever someone adds a password or modifies a password. I added a custom hash for these operations and they work. Whenever a password is added or modified, it is hashed using my algorithm. The only problem is that when a user tries to bind to the LDAP, it is not hashing the password they submit, so they are not authenticated.
So my question is, can someone please give me some direction in the way of intercepting the bind operation and how to do so effectively (all of my efforts have failed). My plan was to intercept the bind operation and then take the credentials portion (password) and run my algorithm on it so it would be hashed, then continue the bind operation. Does this sound doable? Please let me know soon.
Thanks in advance,
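The mismatch described in the post, as an added example that is not part of the original post and uses no ApacheDS classes: a plain-Java model in which salted SHA-256 stands in for the poster's custom algorithm, and every name (`BindHashDemo`, `setPassword`, `bindUnhashed`, `bindHashed`) and the sample DN are hypothetical. It also shows that once the hash is salted, the bind side needs the stored entry to recompute it.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.*;

// Constructed model of the bind mismatch; a Map stands in for the directory.
public class BindHashDemo {
    // DN -> stored userPassword bytes, laid out as salt || digest.
    static final Map<String, byte[]> store = new HashMap<>();
    static final int SALT_LEN = 16;

    // Placeholder for the custom algorithm (assumption): salted SHA-256.
    static byte[] hash(byte[] salt, String password) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(salt);
        byte[] digest = md.digest(password.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(salt, salt.length + digest.length);
        System.arraycopy(digest, 0, out, salt.length, digest.length);
        return out;
    }

    // What the add/modify interceptor does: hash before the value is stored.
    static void setPassword(String dn, String password) throws Exception {
        byte[] salt = new byte[SALT_LEN];
        new SecureRandom().nextBytes(salt);
        store.put(dn, hash(salt, password));
    }

    // Bind as in the post: submitted bytes are compared to the stored value as-is.
    static boolean bindUnhashed(String dn, byte[] submitted) {
        byte[] stored = store.get(dn);
        return stored != null && MessageDigest.isEqual(stored, submitted);
    }

    // Bind with the same transform applied first, reusing the entry's stored salt.
    static boolean bindHashed(String dn, String password) throws Exception {
        byte[] stored = store.get(dn);
        if (stored == null) return false;
        byte[] salt = Arrays.copyOf(stored, SALT_LEN);
        return MessageDigest.isEqual(stored, hash(salt, password));
    }

    public static void main(String[] args) throws Exception {
        String dn = "uid=alice,ou=users,dc=example,dc=com"; // constructed sample entry
        setPassword(dn, "correct horse");
        byte[] raw = "correct horse".getBytes(StandardCharsets.UTF_8);
        System.out.println("unhashed bind, right password: " + bindUnhashed(dn, raw));
        System.out.println("hashed bind, right password:   " + bindHashed(dn, "correct horse"));
        System.out.println("hashed bind, wrong password:   " + bindHashed(dn, "wrong guess"));
    }
}
```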