Encrypt credentials in settings.xml

Post here if you have some suggestions or you want to request a new feature.

Encrypt credentials in settings.xml

Postby axnav » Wed Nov 03, 2021 1:11 pm

Dear developer,

please could you take into consideration to encrypt the credentials stored in settings.xml files?

<LDAP_BindDN>CN=xxx,CN=Users,CN=external,DC=xxx,DC=at</LDAP_BindDN>
<LDAP_BindPass>plain text password here</LDAP_BindPass>
<LDAP_BaseDN>CN=Users,CN=external,DC=navax,DC=at</LDAP_BaseDN>

To store such sensitive informations in plain text is not state of the art.

Kindly regards,
axnav // Michael
axnav
 
9
 
Thu May 19, 2016 10:11 am

Re: Encrypt credentials in settings.xml

Postby FTP » Wed Nov 03, 2021 2:27 pm

OK, I suggest you create a temporary user for LDAP binding only, so its password won't be sensitive, like:

Code: Select all
User: CN=wingftpbind,CN=Users,CN=external,DC=xxx,DC=at
Pass: xxxxxx
FTP
Site Admin
 
1876
 
Tue Sep 29, 2009 6:09 am


Return to Suggestions & Wishlist

Who is online

Users browsing this forum: No registered users and 1 guest