WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added security part

This commit is contained in:
Roland Gruber 2003-08-10 09:49:30 +00:00
parent 63b3bd62a0
commit 0ff1fb9dc4
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lam/README
View File

@ -76,6 +76,14 @@ LAM - Readme
If you want to use a translated version of LAM be sure to install the
needed locales. See locale/ for a list of supported locales.
Debian users can add locales with "dpkg-reconfigure locales".
Security:
It is strongly recommended to use a SSL connection to your web server.
LAM needs to store your LDAP username + password in the session. The session
files are saved in sess/ and are accessible only by the web server. To increase
security username and password are encrypted with AES (256 bit). The key and iv
are generated at random when you log in. They are stored in two cookies.
Have fun!