Dear developer,
please could you take into consideration to encrypt the credentials stored in settings.xml files?
<LDAP_BindDN>CN=xxx,CN=Users,CN=external,DC=xxx,DC=at</LDAP_BindDN>
<LDAP_BindPass>plain text password here</LDAP_BindPass>
<LDAP_BaseDN>CN=Users,CN=external,DC=navax,DC=at</LDAP_BaseDN>
To store such sensitive informations in plain text is not state of the art.
Kindly regards,
axnav // Michael
Encrypt credentials in settings.xml
-
- Site Admin
- Posts: 2094
- Joined: Tue Sep 29, 2009 6:09 am
Re: Encrypt credentials in settings.xml
OK, I suggest you create a temporary user for LDAP binding only, so its password won't be sensitive, like:
Code: Select all
User: CN=wingftpbind,CN=Users,CN=external,DC=xxx,DC=at
Pass: xxxxxx