History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: QB-167
Type: Bug Bug
Status: Resolved Resolved
Resolution: Fixed
Priority: Critical Critical
Assignee: Robin Shen
Reporter: Tom McGlynn
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
QuickBuild

LDAP Authentication is cleartext

Created: 21/Nov/06 09:14 AM   Updated: 17/Feb/10 05:17 AM
Component/s: None
Affects Version/s: None
Fix Version/s: None

Original Estimate: Unknown Remaining Estimate: Unknown Time Spent: Unknown


 Description  « Hide
LDAP Authentication should have an option to use SASL. The current implementation passes user's credentials in cleartext. This is a big security issue at my company.

 All   Comments   Work Log   Change History      Sort Order:
[ Permlink | « Hide ]
Robin Shen [21/Nov/06 06:23 PM]
How about using LDAP over SSL which is already supported by QuickBuild.

Regards.
Robin


[ Permlink | « Hide ]
Tom McGlynn [22/Nov/06 01:21 PM]
That's a good suggestion. However, it can be difficult to get the public key. I spent a couple ot weeks trying to find the right person in IT who had any clue what I was talking about. Is there a "TLS_REQCERT never" option? If not, a SASL option would be nice.

[ Permlink | « Hide ]
Robin Shen [22/Nov/06 04:03 PM]
Currently there is no such option. We'll investigate on this. Thanks.


Powered by Atlassian JIRA™ the Professional Issue Tracker. (Standard Edition, Version: 3.7.4-#189) - Bug/feature request - Contact Administrators