[
https://issues.apache.org/jira/browse/OAK-3626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15252229#comment-15252229
]
Tobias Bocanegra commented on OAK-3626:
---------------------------------------
The idea was to decouple the problem of providing the bind password from the
(osgi) configuration, so that the ldap IDP can also work securely w/o osgi.
the issue here at had is to create a mechanism so that the credentials can be
provided from the outside. maybe using a {{LdapBindPasswordProvider}} setting
the the config. And have a default implementation using the crypto support that
is then set in the activate method.
> Provide bind credentials callback
> ---------------------------------
>
> Key: OAK-3626
> URL: https://issues.apache.org/jira/browse/OAK-3626
> Project: Jackrabbit Oak
> Issue Type: New Feature
> Components: auth-ldap
> Reporter: Tobias Bocanegra
>
> The ldap identity provider reads the admin bind credentials from the given
> config which might originate from a un-encrypted source (eg. osgi config).
> in order to facilitate secure provisioning of the bind credentials, the ldap
> idp should offer some sort of credentials provider callback.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
