[om-infra] sso - custom username support is working now
Robert Xu
robxu9 at gmail.com
Tue Jan 19 13:44:14 EST 2016
On 19 Jan 2016 13:19, "Anurag Bhandari" <ab at anuragbhandari.com> wrote:
>
>
> On 19-Jan-2016 1:26 pm, "Robert Xu" <robxu9 at gmail.com> wrote:
> >
> > Okay, so it's a good thing I caught this - LDAP is storing passwords
> > in clear text. That is unacceptable.
>
> Whoops! That's outrageous. Totally unacceptable.
>
> >
> > Can someone figure out a way to make LDAP store them hashed? We cannot
> > proceed with passwords in clear text.
>
> I can check into this. Where's the data store for LDAP? Also, did you
check if there's a setting in lemonldap to enable encrypted passwords. At
any rate, such a setting should be default.
In Ruby. There's no setting in LemonLDAP, so we probably forgot to enable
some sort of setting in LDAP itself - ppolicy maybe?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.openmandriva.org/mailman/private/om-infra_ml.openmandriva.org/attachments/20160119/4893ab71/attachment.html>
More information about the OM-Infra
mailing list