Wednesday, December 19, 2001 10:14 AM
First of all, you want to AUTHORIZE the user, not authenticate them. Authentication is done using certificates, keys, etc.
To authorize the user, you'll want to grab their record from the LDAP server. See your local LDAP administrator for how to query for a record based upon username, password, etc. They'll tell you if you need to send any encrypted password, or if you should send it plaintext, etc.
If you can't search by password, you'll want to just search by username (and other required fields as determined by your LDAP configuration). Then, check the records you get to see if the password matches. You may have to use trap-door encryption to check the LDAP record password, since it is likely to be encrypted.