Password can only be stored in clear text, sha1 encryption make the authentication fail.

vesse / passport-ldapauth

LDAP authentication strategy for Passport

MIT License

312 stars 100 forks source link

Password can only be stored in clear text, sha1 encryption make the authentication fail. #72

Closed kopax closed 6 years ago

kopax commented 6 years ago

Following issue https://github.com/Requarks/wiki/issues/521 https://github.com/Requarks/wiki/issues/524

I have the following version of wikijs installed:

version: 1.0.78

This package depend on passport-ldapauth, our LDAP user can only connect if the encryption used for the password is in CLEAR TEXT, we'd like it to be SHA1, how is it possible to change ?

I believe this should use ldapwhoami/ldapsearch to benefits from the security overlay instead of reprogramming it.

vesse commented 6 years ago

No idea. Generally how passwords are stored by the server should not matter to the client, just like browser is not interested in what a password is and how is it handled by the server. Furthermore, had you spent any time reading the documentation, you’d know this is an authentication strategy for ldap, not an ldap client implementation. The underlying client implementation is ldapjs.