SchoolTool

LDAP authentication

Asked by Peter Dracvel on 2015-12-14

We noticed that login with the LDAP backend cause writing into zodb user password, so if user change his password in LDAP Central Portal he can login using a new password from LDAP or old password stored as he login in schooltool before. Is it possible to authenticate only against LDAP? If no, if the users passwords are stored encrypted in schooltool zodb database? If yes, which encryption algorithm (one way hash fuction) is used or it is stored clear text?

Question information

Language:: English Edit question

Status:: Answered

For:: SchoolTool Edit question

Assignee:: No assignee Edit question

Last query:: 2015-12-14

Last reply:: 2015-12-18

Link existing bug

Revision history for this message

Tom Hoffman (tom-hoffman) said on 2015-12-18:

The LDAP authentication checks against the server. To be honest, the developer who wrote the LDAP implementation is no longer on the project, and it isn't immediately obvious to us what the purpose of storing the password locally is. Probably as a fallback. The passwords are hashed (sha1) in the ZODB.

Can you help with this problem?

Provide an answer of your own, or ask Peter Dracvel for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

SchoolTool

LDAP authentication

Question information

Related bugs

Related FAQ:

Can you help with this problem?

Subscribers