Bug #1349
Do not save the password in ldap auth driver
| Status: | Closed | Start date: | 07/12/2012 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Javi Fontan | % Done: | 0% | |
| Category: | Drivers - Auth | |||
| Target version: | Release 3.8 | |||
| Resolution: | fixed | Pull request: | ||
| Affected Versions: | OpenNebula 3.6 |
Description
Ldap auth driver saves the ldap user password when the user is automatically created. This creates a security problem.
History
#1
Updated by Ruben S. Montero almost 9 years ago
- Target version set to Release 3.8
#2
Updated by Ruben S. Montero almost 9 years ago
A patch is attached in #1385
#3
Updated by Ruben S. Montero almost 9 years ago
- Status changed from New to Assigned
#4
Updated by Javi Fontan almost 9 years ago
- Category set to Drivers - Auth
- Status changed from Assigned to Closed
- Resolution set to fixed
Now the ldap driver returns the user dn as password. This way we also have information on the user and the password is not saved.