The right place to put this interceptor would be just after Normalization, if we consider that such an interceptor is adding some semantic to a client request. From the server logic, it should be considered as an user provided information, before it manipulate it.
Slight optimization : you don't have to loop on the entry's attributes to get the password Attribute. Simply get it from the entry : entry.get( "userPassword' ); No need to take care of the attribute case, it's done internally by the get method (at this point, the Entry is schema aware and will normalize the value and use the appropriate Comparator)
One last thing : you should suggest to use SSHA-256, instead of MD5. MD5 is considered as weak : http://www.schneier.com/essay-074.html (so is SSHA1, btw
2 Comments
Emmanuel Lécharny
Emmanuel Lécharny
One last thing : you should suggest to use SSHA-256, instead of MD5. MD5 is considered as weak : http://www.schneier.com/essay-074.html (so is SSHA1, btw