Defect #33978
open
Redmine.pm shall decrypt LDAP bind password
0%
Related issues
Updated by Anonymous about 4 years ago
Redmine saves LDAP bind password on the table auth_sources with encryption by AES-256-CBC. Redmine itself is aware of the encryption and read out it with decryption.
On the other hand, Redmine.pm is reading the relational database directly without decryption and fails to bind LDAP and finally fails to authenticate Subversion access.
Updated by Anonymous about 4 years ago
There is no way to read out cipher_key setting from config/configuration.yml from perl and then it is difficult to integrate Redmine.pm to Redmine.
Updated by Go MAEDA about 4 years ago
- Tracker changed from Feature to Defect
- Category changed from Accounts / authentication to SCM extra
- Status changed from New to Confirmed
- Affected version set to 1.2.0
Updated by Go MAEDA about 4 years ago
- Related to Feature #7411: Option to cipher LDAP ans SCM passwords stored in the database added
Updated by Go MAEDA about 4 years ago
徹 原口 wrote:
There is no way to read out cipher_key setting from config/configuration.yml from perl and then it is difficult to integrate Redmine.pm to Redmine.
Maybe Redmine.pm should support a new directive such as RedmineDbCiperKey.
Updated by Anonymous about 4 years ago
Since our company changed LDAP service to require bind and the old one will be ceased at 9/30, some work around is needed.
Updated by Anonymous about 4 years ago
Will somebody insist a best ciphering lib for perl?
Updated by Anonymous about 4 years ago
Oh, there was.
https://metacpan.org/pod/Crypt::Cipher::AES
Updated by Anonymous about 4 years ago
As an workaround, I will make the password constant in Redmine.pm so far. Please resolve this contradiction in near future.