[GH-ISSUE #42] Support a simpler method of logging in and changing passwords #23

New issue

Closed

opened 2026-02-27 08:14:40 +03:00 by kerem · 2 comments

kerem commented

2026-02-27 08:14:40 +03:00

Owner

Originally created by @nitnelave on GitHub (Sep 23, 2021).
Original GitHub issue: https://github.com/lldap/lldap/issues/42

To facilitate other frontends, a classic login methods sending the password in clear to the server could be added. That should come with a stern warning about DDoS attacks since the server will be doing all the steps of the OPAQUE protocol.

Originally created by @nitnelave on GitHub (Sep 23, 2021). Original GitHub issue: https://github.com/lldap/lldap/issues/42 To facilitate other frontends, a classic login methods sending the password in clear to the server could be added. That should come with a stern warning about DDoS attacks since the server will be doing all the steps of the OPAQUE protocol.

kerem

2026-02-27 08:14:40 +03:00

closed this issue
added the
enhancement

good first issue
labels

kerem commented

2026-02-27 08:14:42 +03:00

Author

Owner

@JaneJeon commented on GitHub (Apr 4, 2022):

Or we could just support something like https://github.com/ltb-project/self-service-password? obviously that would require that lldap be "writable" from the perspective of that application

@JaneJeon commented on GitHub (Apr 4, 2022): Or we could just support something like https://github.com/ltb-project/self-service-password? obviously that would require that lldap be "writable" from the perspective of that application

kerem commented

2026-02-27 08:14:42 +03:00

Author

Owner

@nitnelave commented on GitHub (Apr 4, 2022):

That's a different thing: what you're suggesting is a way for users to change their password and/or reset it via email. This is already supported by LLDAP with the web UI, and the LDAP interface also allows changing the password. LLDAP should already be compatible with self-service-password, but it shouldn't be needed because the functionality is already built-in.

This issue is about facilitating scripting, especially with other languages, to allow them to authenticate via simple login/password instead of going through opaque.
Note that it was implemented in https://github.com/nitnelave/lldap/pull/121, we should close this.

@nitnelave commented on GitHub (Apr 4, 2022): That's a different thing: what you're suggesting is a way for users to change their password and/or reset it via email. This is already supported by LLDAP with the web UI, and the LDAP interface also allows changing the password. LLDAP should _already_ be compatible with self-service-password, but it _shouldn't be needed_ because the functionality is already built-in. This issue is about facilitating scripting, especially with other languages, to allow them to authenticate via simple login/password instead of going through opaque. Note that it was implemented in https://github.com/nitnelave/lldap/pull/121, we should close this.

kerem referenced this issue

2026-02-27 08:17:45 +03:00

[PR #23] [MERGED] Fix dockerfile start command #494