Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.0.1
    • Fix Version/s: 1.3.0
    • Component/s: studio-ldapbrowser
    • Labels:
      None

      Description

      When adding a userPassword in an existing entry, the password is not shown in the main windows (which is a good idea). But when the entry is modified, the log view shows the entire ldif, with the password in clear text (or BASE64 encoded).

      It would be much safer to replace the password with ****** in the ldif logs.

        Activity

        Emmanuel Lecharny created issue -
        Stefan Seelmann made changes -
        Field Original Value New Value
        Fix Version/s 1.3.0 [ 12313309 ]
        Stefan Seelmann made changes -
        Assignee Stefan Seelmann [ seelmann ]
        Hide
        Stefan Seelmann added a comment -

        Added a preference to define masked attributes:
        http://svn.apache.org/viewvc?rev=696773&view=rev

        By default none attribute is masked. Is this sufficient or should we mask userPassword by default?

        Show
        Stefan Seelmann added a comment - Added a preference to define masked attributes: http://svn.apache.org/viewvc?rev=696773&view=rev By default none attribute is masked. Is this sufficient or should we mask userPassword by default?
        Stefan Seelmann made changes -
        Resolution Fixed [ 1 ]
        Status Open [ 1 ] Resolved [ 5 ]
        Pierre-Arnaud Marcelot made changes -
        Component/s studio-ldapbrowser [ 12311538 ]
        Pierre-Arnaud Marcelot made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            Stefan Seelmann
            Reporter:
            Emmanuel Lecharny
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development