Using randomKey creates a valid LDAP login
------------------------------------------
Key: DIRKRB-29
URL: https://issues.apache.org/jira/browse/DIRKRB-29
Project: Directory Kerberos
Issue Type: Bug
Affects Versions: 2.0.0
Reporter: Andreas Oberritter
Assignee: Emmanuel Lecharny
Fix For: 2.0.0
Setting userPassword to "randomKey" triggers the generation of Kerberos keys.
However, "randomKey" also gets stored as the real LDAP users password. This
creates accounts with easily guessable DNs like
uid=krbtgt,ou=people,dc=example,dc=com, which can be used to access the LDAP
server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
