Uploaded image for project: 'Openfire'
  1. Openfire
  2. OF-1920

Support for Kerberos based autentication to LDAP

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: LDAP
    • Labels:
      None

      Description

      When authenticating using ldap, a simple bind is used.  This exposes the admin dn (account used to search ldap), and users username and password. 

      I was able to confirm this while running wireshark on the ldap server that openfire authenticates with.

      This can be mitigated by using ldaps and starttls.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              guus Guus der Kinderen
              Reporter:
              speedy speedy
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated: