[jira] [Updated] (DIRSERVER-1819) The Password Interceptor should be activated on some parts of the DIT only

Emmanuel Lecharny (JIRA) Sun, 16 Jun 2019 07:58:15 -0700


     [ 
https://issues.apache.org/jira/browse/DIRSERVER-1819?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Emmanuel Lecharny updated DIRSERVER-1819:
-----------------------------------------
    Component/s: pwd interceptor

> The Password Interceptor should be activated on some parts of the DIT only
> --------------------------------------------------------------------------
>
>                 Key: DIRSERVER-1819
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1819
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: pwd interceptor
>    Affects Versions: 2.0.0-M11
>            Reporter: Emmanuel Lecharny
>            Priority: Major
>             Fix For: 2.0.0-RC1
>
>
> Currently, we need to activate the PasswordHash interceptor for Kerberos to 
> be activated. This is fine, except that this interceptor blindly hashes all 
> the userPassword added values on the fly, regardless they are used by 
> kerberos or not.
> It would be way better if the hashing occurs on specific parts of the DIT, 
> those under the searchBaseDN for Kerberos for instance.
> The interceptor should contain the list of searchBaseDN which will see the 
> password hsahed.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (DIRSERVER-1819) The Password Interceptor should be activated on some parts of the DIT only

Reply via email to