Uploaded image for project: 'Directory ApacheDS'
  1. Directory ApacheDS
  2. DIRSERVER-1617

Add a feture to support TLS in DelegatingAuthenticator

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.5.7
    • Fix Version/s: 2.0.0-M13
    • Component/s: None
    • Labels:
      None

      Description

      Current implementation of DelegatingAuthenticator uses plain socket connection which makes it vulnerable to MITM attacks.
      It will be good to setup TLS (using startTLS extended operation) after establishing a connection.

      We should also add a configuration option to selectively turn on/off this option with a new attributetype named like 'useTLS'
      in the 'ads-delegatingAuthenticator' objectclass.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              akiran Kiran Ayyagari
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: