directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Created] (DIRSERVER-1819) The Password Interceptor should be activated on some parts of the DIT only
Date Mon, 08 Apr 2013 16:15:16 GMT
Emmanuel Lecharny created DIRSERVER-1819:
--------------------------------------------

             Summary: The Password Interceptor should be activated on some parts of the DIT
only
                 Key: DIRSERVER-1819
                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1819
             Project: Directory ApacheDS
          Issue Type: Bug
    Affects Versions: 2.0.0-M11
            Reporter: Emmanuel Lecharny
             Fix For: 2.0.0-RC1


Currently, we need to activate the PasswordHash interceptor for Kerberos to be activated.
This is fine, except that this interceptor blindly hashes all the userPassword added values
on the fly, regardless they are used by kerberos or not.

It would be way better if the hashing occurs on specific parts of the DIT, those under the
searchBaseDN for Kerberos for instance.

The interceptor should contain the list of searchBaseDN which will see the password hsahed.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message