[jira] [Commented] (AIRFLOW-3164) verify certificate of LDAP server

JIRA Tue, 27 Nov 2018 12:41:25 -0800


    [ 
https://issues.apache.org/jira/browse/AIRFLOW-3164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16700987#comment-16700987
 ]


Maciej Bryński commented on AIRFLOW-3164:
-----------------------------------------

Still you can enable TLS option as default and give the option to disable it.
Auth backend it's not an option. It's a hack. Difficult to implement and even 
more difficult to maintain.

Sometimes if you're working in bigger company changes like enabling TLS are not 
easy to process.

Long story short: give users options and don't break your code in bugfix 
versions.


> verify certificate of LDAP server
> ---------------------------------
>
>                 Key: AIRFLOW-3164
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-3164
>             Project: Apache Airflow
>          Issue Type: Bug
>            Reporter: Bolke de Bruin
>            Priority: Blocker
>             Fix For: 1.10.1
>
>
> Currently we dont verify the certificate of the Ldap server this can lead to 
> security incidents.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (AIRFLOW-3164) verify certificate of LDAP server

Reply via email to