Open LDAP Password not encrypting - Solved

[GoogleCodeExporter]

By default PWM will save only plain text password to openldap and there was no 
option to store as hashed (md5/sha).

Solved this issue by modifying the source code as below.
Work around.
    > Added a new method named 'encryptLdapPassword' to password.pwm.util.operations.PasswordUtility.java

     >Changed the  second argument of method calling doPasswordOperation(pwmSession,newPassword, oldPassword) to  doPasswordOperation(pwmSession,encryptLdapPassword (newPassword), oldPassword) in method named setUserPassword

Now open LDAP will get encrypted password and all other validation will work 
fine.

Modified in the PWM 1.6.4 PWM-servlet library.

Original issue reported on code.google.com by raza...@gmail.com on 19 Aug 2013 at 9:24

• Merged into: #89

Attachments:

• PasswordUtility.java

[GoogleCodeExporter]

a) This patch breaks other LDAP directories where they properly do the password 
encryption on the server side.

b) PWM will not be adopting specialized password set methods anywhere but in 
the ldap chai library.

Original comment by jrivard on 19 Aug 2013 at 3:23

• Changed state: Duplicate