Project

General

Profile

Actions

Defect #33978

open

Redmine.pm shall decrypt LDAP bind password

Added by Anonymous over 3 years ago. Updated over 3 years ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
SCM extra
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:

Related issues

Related to Redmine - Feature #7411: Option to cipher LDAP ans SCM passwords stored in the databaseClosed2011-01-22

Actions
Actions #1

Updated by Anonymous over 3 years ago

Redmine saves LDAP bind password on the table auth_sources with encryption by AES-256-CBC. Redmine itself is aware of the encryption and read out it with decryption.

On the other hand, Redmine.pm is reading the relational database directly without decryption and fails to bind LDAP and finally fails to authenticate Subversion access.

Actions #2

Updated by Anonymous over 3 years ago

There is no way to read out cipher_key setting from config/configuration.yml from perl and then it is difficult to integrate Redmine.pm to Redmine.

Actions #3

Updated by Go MAEDA over 3 years ago

  • Tracker changed from Feature to Defect
  • Category changed from Accounts / authentication to SCM extra
  • Status changed from New to Confirmed
  • Affected version set to 1.2.0
Actions #4

Updated by Go MAEDA over 3 years ago

  • Related to Feature #7411: Option to cipher LDAP ans SCM passwords stored in the database added
Actions #5

Updated by Go MAEDA over 3 years ago

徹 原口 wrote:

There is no way to read out cipher_key setting from config/configuration.yml from perl and then it is difficult to integrate Redmine.pm to Redmine.

Maybe Redmine.pm should support a new directive such as RedmineDbCiperKey.

Actions #6

Updated by Anonymous over 3 years ago

Since our company changed LDAP service to require bind and the old one will be ceased at 9/30, some work around is needed.

Actions #7

Updated by Anonymous over 3 years ago

Will somebody insist a best ciphering lib for perl?

Actions #8

Updated by Anonymous over 3 years ago

Actions #9

Updated by Anonymous over 3 years ago

As an workaround, I will make the password constant in Redmine.pm so far. Please resolve this contradiction in near future.

Actions

Also available in: Atom PDF