Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0.1
    • Fix Version/s: 1.3.0
    • Component/s: studio-ldapbrowser
    • Labels:
      None

      Description

      When adding a userPassword in an existing entry, the password is not shown in the main windows (which is a good idea). But when the entry is modified, the log view shows the entire ldif, with the password in clear text (or BASE64 encoded).

      It would be much safer to replace the password with ****** in the ldif logs.

        Activity

        Hide
        seelmann Stefan Seelmann added a comment -

        Added a preference to define masked attributes:
        http://svn.apache.org/viewvc?rev=696773&view=rev

        By default none attribute is masked. Is this sufficient or should we mask userPassword by default?

        Show
        seelmann Stefan Seelmann added a comment - Added a preference to define masked attributes: http://svn.apache.org/viewvc?rev=696773&view=rev By default none attribute is masked. Is this sufficient or should we mask userPassword by default?

          People

          • Assignee:
            seelmann Stefan Seelmann
            Reporter:
            elecharny Emmanuel Lecharny
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development