View Issue Details

WikiJump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0010909mantisbtsecuritypublic2009-09-05 12:362010-04-23 23:22
Reporterrgomes1997 Assigned Tovboctor  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionduplicate 
Summary0010909: LDAP password copied to mantis_user_table
Description

When external LDAP authentication is employed there's no need for passwords in mantis_user_table.

In particular, my users have their passwords as SHA hash in the LDAP repository but their passwords are being 'written down' as a clear text in mantis_user_table when the user entry is created in mantis_user_table.

Product version : 1.2.0-rc2
product build : mantisbt-1.2.0rc2-2009-09-02-master-1.2.x-02195ad

This build allows automatic creation of users in mantis_user_table when LDAP authentication is successful and such user does not previously exist in mantis_user_table.

TagsNo tags attached.

Relationships

Relationship GraphDependency Graph
duplicate of 0010979 closedvboctor New user creation when using LDAP authentication enters plain text password user entered into the database. 

Activities

There are no notes attached to this issue.