Post here if you have some suggestions or you want to request a new feature.

Encrypt credentials in settings.xml

Wed Nov 03, 2021 1:11 pm

Dear developer,

please could you take into consideration to encrypt the credentials stored in settings.xml files?

<LDAP_BindDN>CN=xxx,CN=Users,CN=external,DC=xxx,DC=at</LDAP_BindDN>
<LDAP_BindPass>plain text password here</LDAP_BindPass>
<LDAP_BaseDN>CN=Users,CN=external,DC=navax,DC=at</LDAP_BaseDN>

To store such sensitive informations in plain text is not state of the art.

Kindly regards,
axnav // Michael

Re: Encrypt credentials in settings.xml

Wed Nov 03, 2021 2:27 pm

OK, I suggest you create a temporary user for LDAP binding only, so its password won't be sensitive, like:

Code:
User: CN=wingftpbind,CN=Users,CN=external,DC=xxx,DC=at
Pass: xxxxxx