Kerberos Requires Plain Text Password
-------------------------------------
Key: DIRKRB-82
URL: https://issues.apache.org/jira/browse/DIRKRB-82
Project: Directory Kerberos
Issue Type: New Feature
Affects Versions: 2.5.0
Environment: All Environments
Reporter: Jeff Domeyer
Assignee: Emmanuel Lecharny
Priority: Minor
Attachments: ConfigurableKeyDerivationInterceptor.java
I would imagine a lot of people dislike storing password in LDAP in plain text,
and unfortunately the client application is producing the hashed/encrypted
password to be stored in LDAP, so when the Kerberos interceptor comes along, it
can only use plain text passwords to calculate the Kerberos keys.
I created a subclass of KeyDerivationInterceptor, that when configured, will
replace the plain text password with a hash of your choice.
(Looks like I can't attach here, will try attaching after creation of issue).
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
