[
https://issues.apache.org/jira/browse/OAK-3626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15670455#comment-15670455
]
angela commented on OAK-3626:
-----------------------------
based on discussions with [~asanso] and [~acollign] I got convinced that we
should leverage RFC 227 [0] to get this solved in a generic way. This would
beneficial for every type of {{ExternalIdentityProvider}} implementation and
not just limited to the LDAP case we kept discussing here.
[0]
https://github.com/osgi/design/blob/master/rfcs/rfc0227/rfc-0227-ConfigAdminUpdates.pdf
> Provide bind credentials callback
> ---------------------------------
>
> Key: OAK-3626
> URL: https://issues.apache.org/jira/browse/OAK-3626
> Project: Jackrabbit Oak
> Issue Type: New Feature
> Components: auth-ldap
> Reporter: Tobias Bocanegra
>
> The ldap identity provider reads the admin bind credentials from the given
> config which might originate from a un-encrypted source (eg. osgi config).
> in order to facilitate secure provisioning of the bind credentials, the ldap
> idp should offer some sort of credentials provider callback.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
