# HG changeset patch # User Paul Aurich # Date 1428025792 25200 # Node ID 71538875be481188b42adfc3a092dcd1e6c46930 # Parent a4a6b4be973abb3dc861f174a9a8d6c6a4596627 mod_lib_ldap: Update README to clarify discussion of auth / TLS... and discourage disabling TLS. diff -r a4a6b4be973a -r 71538875be48 mod_lib_ldap/README.md --- a/mod_lib_ldap/README.md Tue Mar 31 20:57:34 2015 +0200 +++ b/mod_lib_ldap/README.md Thu Apr 02 18:49:52 2015 -0700 @@ -6,11 +6,12 @@ # LDAP Authentication -**NOTE**: LDAP authentication currently only works with plaintext auth! If this isn't ok -with you, don't use it! (Or better yet, fix it =) ) +**NOTE**: LDAP authentication currently only works with plaintext auth (as opposed to DIGEST-MD5 or SCRAM) +If this isn't ok with you, don't use it! (Or better yet, fix it =) ) -With that note in mind, you need to set 'allow\_unencrypted\_plain\_auth' to true in your configuration if -you want to use LDAP authentication. +With that note in mind, if you need to allow (XMPP) clients to connect to your server without TLS and +want to use this module, you need to set 'allow\_unencrypted\_plain\_auth' to true in your +configuration. You probably don't actually want to do this, though. To enable LDAP authentication, set 'authentication' to 'ldap2' in your configuration file. See also http://prosody.im/doc/authentication.