Uploaded image for project: 'Directory ApacheDS'
  1. Directory ApacheDS
  2. DIRSERVER-1819

The Password Interceptor should be activated on some parts of the DIT only

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 2.0.0-M11
    • 2.0.0-RC1
    • pwd interceptor
    • None

    Description

      Currently, we need to activate the PasswordHash interceptor for Kerberos to be activated. This is fine, except that this interceptor blindly hashes all the userPassword added values on the fly, regardless they are used by kerberos or not.

      It would be way better if the hashing occurs on specific parts of the DIT, those under the searchBaseDN for Kerberos for instance.

      The interceptor should contain the list of searchBaseDN which will see the password hsahed.

      Attachments

        Activity

          People

            Unassigned Unassigned
            elecharny Emmanuel Lécharny
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: