Details
-
Improvement
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
1.5.7
-
None
-
None
Description
Current implementation of DelegatingAuthenticator uses plain socket connection which makes it vulnerable to MITM attacks.
It will be good to setup TLS (using startTLS extended operation) after establishing a connection.
We should also add a configuration option to selectively turn on/off this option with a new attributetype named like 'useTLS'
in the 'ads-delegatingAuthenticator' objectclass.