Directory ApacheDS
  1. Directory ApacheDS
  2. DIRSERVER-1617

Add a feture to support TLS in DelegatingAuthenticator

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 1.5.7
    • Fix Version/s: 2.0.0-M13
    • Component/s: None
    • Labels:
      None

      Description

      Current implementation of DelegatingAuthenticator uses plain socket connection which makes it vulnerable to MITM attacks.
      It will be good to setup TLS (using startTLS extended operation) after establishing a connection.

      We should also add a configuration option to selectively turn on/off this option with a new attributetype named like 'useTLS'
      in the 'ads-delegatingAuthenticator' objectclass.

        Activity

        Hide
        Emmanuel Lecharny added a comment -

        Implemented.

        Show
        Emmanuel Lecharny added a comment - Implemented.
        Hide
        Pierre-Arnaud Marcelot added a comment -

        Version 2.0.0-M3 has been released a couple months ago.

        Assigned the remaining opened JIRA to the next iteration (2.0.0-M4).

        Show
        Pierre-Arnaud Marcelot added a comment - Version 2.0.0-M3 has been released a couple months ago. Assigned the remaining opened JIRA to the next iteration (2.0.0-M4).
        Hide
        Pierre-Arnaud Marcelot added a comment -

        Version 2.0.0-M1 has been released.
        Moving all related non-resolved issues to the next version.

        Show
        Pierre-Arnaud Marcelot added a comment - Version 2.0.0-M1 has been released. Moving all related non-resolved issues to the next version.

          People

          • Assignee:
            Unassigned
            Reporter:
            Kiran Ayyagari
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development